]>
Commit | Line | Data |
---|---|---|
b41d8d4d | 1 | 20010216 |
2 | - (bal) added '--with-prce' to allow overriding of system regex when | |
3 | required (tested by David Dulek <ddulek@fastenal.com>) | |
d6fdb079 | 4 | - (bal) Added DG/UX case and set that they have a broken IPTOS. |
b41d8d4d | 5 | |
0086bfaf | 6 | 20010215 |
7 | - (djm) Move PAM session setup back to before setuid to user. Fixes | |
8 | problems on Solaris-derived PAMs. | |
e11aab29 | 9 | - (djm) Clean up PAM namespace. Suggested by Darren Moffat |
10 | <Darren.Moffat@eng.sun.com> | |
9e3c31f7 | 11 | - (bal) Sync w/ OpenSSH for new release |
12 | - markus@cvs.openbsd.org 2001/02/12 12:45:06 | |
13 | [sshconnect1.c] | |
14 | fix xmalloc(0), ok dugsong@ | |
b2552997 | 15 | - markus@cvs.openbsd.org 2001/02/11 12:59:25 |
16 | [Makefile.in sshd.8 sshconnect2.c readconf.h readconf.c packet.c | |
17 | sshd.c ssh.c ssh.1 servconf.h servconf.c myproposal.h kex.h kex.c] | |
18 | 1) clean up the MAC support for SSH-2 | |
19 | 2) allow you to specify the MAC with 'ssh -m' | |
20 | 3) or the 'MACs' keyword in ssh(d)_config | |
21 | 4) add hmac-{md5,sha1}-96 | |
22 | ok stevesk@, provos@ | |
15853e93 | 23 | - markus@cvs.openbsd.org 2001/02/12 16:16:23 |
24 | [auth-passwd.c auth.c auth.h auth1.c auth2.c servconf.c servconf.h | |
25 | ssh-keygen.c sshd.8] | |
26 | PermitRootLogin={yes,without-password,forced-commands-only,no} | |
27 | (before this change, root could login even if PermitRootLogin==no) | |
7cc4cf0a | 28 | - deraadt@cvs.openbsd.org 2001/02/12 22:56:09 |
fd193ca4 | 29 | [clientloop.c packet.c ssh-keyscan.c] |
30 | deal with EAGAIN/EINTR selects which were skipped | |
7cc4cf0a | 31 | - markus@cvs.openssh.org 2001/02/13 22:49:40 |
32 | [auth1.c auth2.c] | |
33 | setproctitle(user) only if getpwnam succeeds | |
34 | - markus@cvs.openbsd.org 2001/02/12 23:26:20 | |
35 | [sshd.c] | |
36 | missing memset; from solar@openwall.com | |
37 | - stevesk@cvs.openbsd.org 2001/02/12 20:53:33 | |
38 | [sftp-int.c] | |
39 | lumask now works with 1 numeric arg; ok markus@, djm@ | |
40 | - djm@cvs.openbsd.org 2001/02/14 9:46:03 | |
41 | [sftp-client.c sftp-int.c sftp.1] | |
42 | Fix and document 'preserve modes & times' option ('-p' flag in sftp); | |
43 | ok markus@ | |
0b16bb01 | 44 | - (bal) replaced PATH_MAX in sftp-int.c w/ MAXPATHLEN. |
45 | - (djm) Move to Jim's 1.2.0 X11 askpass program | |
62da27dd | 46 | - (stevesk) OpenBSD sync: |
47 | - deraadt@cvs.openbsd.org 2001/02/15 01:38:04 | |
48 | [serverloop.c] | |
49 | indent | |
0b16bb01 | 50 | |
1c2d0a13 | 51 | 20010214 |
52 | - (djm) Don't try to close PAM session or delete credentials if the | |
53 | session has not been open or credentials not set. Based on patch from | |
54 | Andrew Bartlett <abartlet@pcug.org.au> | |
0ab1bcba | 55 | - (djm) Move PAM session initialisation until after fork in sshd. Patch |
56 | from Nalin Dahyabhai <nalin@redhat.com> | |
958e5ae4 | 57 | - (bal) Missing function prototype in bsd-snprintf.c patch by |
58 | Mark Miller <markm@swoon.net> | |
b7ccb051 | 59 | - (djm) Split out and improve OSF SIA auth code. Patch from Chris Adams |
60 | <cmadams@hiwaay.net> with a little modification and KNF. | |
815800e1 | 61 | - (stevesk) fix for SIA patch, misplaced session_setup_sia() |
1c2d0a13 | 62 | |
0610439b | 63 | 20010213 |
84eb157c | 64 | - (djm) Only test -S potential EGD sockets if they exist and are readable. |
f1312c76 | 65 | - (bal) Cleaned out bsd-snprintf.c. VARARGS have been banished and |
66 | I did a base KNF over the whe whole file to make it more acceptable. | |
67 | (backed out of original patch and removed it from ChangeLog) | |
01f13020 | 68 | - (bal) Use chown() if fchown() does not exist in ftp-server.c patch by |
69 | Tim Rice <tim@multitalents.net> | |
8d60e965 | 70 | - (stevesk) auth1.c: fix PAM passwordless check. |
0610439b | 71 | |
894a4851 | 72 | 20010212 |
73 | - (djm) Update Redhat specfile to allow --define "skip_x11_askpass 1", | |
74 | --define "skip_gnome_askpass 1", --define "rh7 1" and make the | |
75 | implicit rpm-3.0.5 dependancy explicit. Patch and suggestions from | |
76 | Pekka Savola <pekkas@netcore.fi> | |
782d6a0d | 77 | - (djm) Clean up PCRE text in INSTALL |
77db6c3f | 78 | - (djm) Fix OSF SIA auth NULL pointer deref. Report from Mike Battersby |
79 | <mib@unimelb.edu.au> | |
6f68f28a | 80 | - (bal) NCR SVR4 compatiblity provide by Don Bragg <thewizarddon@yahoo.com> |
01a7bc9a | 81 | - (stevesk) session.c: remove debugging code. |
894a4851 | 82 | |
abf1f107 | 83 | 20010211 |
84 | - (bal) OpenBSD Sync | |
85 | - markus@cvs.openbsd.org 2001/02/07 22:35:46 | |
86 | [auth1.c auth2.c sshd.c] | |
87 | move k_setpag() to a central place; ok dugsong@ | |
c845316f | 88 | - markus@cvs.openbsd.org 2001/02/10 12:52:02 |
89 | [auth2.c] | |
90 | offer passwd before s/key | |
e6fa162e | 91 | - markus@cvs.openbsd.org 2001/02/8 22:37:10 |
92 | [canohost.c] | |
93 | remove last call to sprintf; ok deraadt@ | |
0ab4b0f0 | 94 | - markus@cvs.openbsd.org 2001/02/10 1:33:32 |
95 | [canohost.c] | |
96 | add debug message, since sshd blocks here if DNS is not available | |
7f8ea238 | 97 | - markus@cvs.openbsd.org 2001/02/10 12:44:02 |
98 | [cli.c] | |
99 | don't call vis() for \r | |
5c470997 | 100 | - danh@cvs.openbsd.org 2001/02/10 0:12:43 |
101 | [scp.c] | |
102 | revert a small change to allow -r option to work again; ok deraadt@ | |
103 | - danh@cvs.openbsd.org 2001/02/10 15:14:11 | |
104 | [scp.c] | |
105 | fix memory leak; ok markus@ | |
a0e6fead | 106 | - djm@cvs.openbsd.org 2001/02/10 0:45:52 |
107 | [scp.1] | |
108 | Mention that you can quote pathnames with spaces in them | |
b3106440 | 109 | - markus@cvs.openbsd.org 2001/02/10 1:46:28 |
110 | [ssh.c] | |
111 | remove mapping of argv[0] -> hostname | |
f72e01a5 | 112 | - markus@cvs.openbsd.org 2001/02/06 22:26:17 |
113 | [sshconnect2.c] | |
114 | do not ask for passphrase in batch mode; report from ejb@ql.org | |
115 | - itojun@cvs.opebsd.org 2001/02/08 10:47:05 | |
5d1d11d1 | 116 | [sshconnect.c sshconnect1.c sshconnect2.c] |
f72e01a5 | 117 | %.30s is too short for IPv6 numeric address. use %.128s for now. |
118 | markus ok | |
119 | - markus@cvs.openbsd.org 2001/02/09 12:28:35 | |
120 | [sshconnect2.c] | |
121 | do not free twice, thanks to /etc/malloc.conf | |
122 | - markus@cvs.openbsd.org 2001/02/09 17:10:53 | |
123 | [sshconnect2.c] | |
124 | partial success: debug->log; "Permission denied" if no more auth methods | |
125 | - markus@cvs.openbsd.org 2001/02/10 12:09:21 | |
126 | [sshconnect2.c] | |
127 | remove some lines | |
e0b2cf6b | 128 | - markus@cvs.openbsd.org 2001/02/09 13:38:07 |
129 | [auth-options.c] | |
130 | reset options if no option is given; from han.holl@prismant.nl | |
ca910e13 | 131 | - markus@cvs.openbsd.org 2001/02/08 21:58:28 |
132 | [channels.c] | |
133 | nuke sprintf, ok deraadt@ | |
134 | - markus@cvs.openbsd.org 2001/02/08 21:58:28 | |
135 | [channels.c] | |
136 | nuke sprintf, ok deraadt@ | |
affa8be4 | 137 | - markus@cvs.openbsd.org 2001/02/06 22:43:02 |
138 | [clientloop.h] | |
139 | remove confusing callback code | |
d2c46e77 | 140 | - deraadt@cvs.openbsd.org 2001/02/08 14:39:36 |
141 | [readconf.c] | |
142 | snprintf | |
cc8aca8a | 143 | - itojun@cvs.openbsd.org 2001/02/08 19:30:52 |
144 | sync with netbsd tree changes. | |
145 | - more strict prototypes, include necessary headers | |
146 | - use paths.h/pathnames.h decls | |
147 | - size_t typecase to int -> u_long | |
5be2ec5e | 148 | - itojun@cvs.openbsd.org 2001/02/07 18:04:50 |
149 | [ssh-keyscan.c] | |
150 | fix size_t -> int cast (use u_long). markus ok | |
151 | - markus@cvs.openbsd.org 2001/02/07 22:43:16 | |
152 | [ssh-keyscan.c] | |
153 | s/getline/Linebuf_getline/; from roumen.petrov@skalasoft.com | |
154 | - itojun@cvs.openbsd.org 2001/02/09 9:04:59 | |
155 | [ssh-keyscan.c] | |
156 | do not assume malloc() returns zero-filled region. found by | |
157 | malloc.conf=AJ. | |
f21032a6 | 158 | - markus@cvs.openbsd.org 2001/02/08 22:35:30 |
159 | [sshconnect.c] | |
160 | don't connect if batch_mode is true and stricthostkeychecking set to | |
161 | 'ask' | |
7bbcc167 | 162 | - djm@cvs.openbsd.org 2001/02/04 21:26:07 |
163 | [sshd_config] | |
164 | type: ok markus@ | |
165 | - deraadt@cvs.openbsd.org 2001/02/06 22:07:50 | |
166 | [sshd_config] | |
167 | enable sftp-server by default | |
a2e6d17d | 168 | - deraadt 2001/02/07 8:57:26 |
169 | [xmalloc.c] | |
170 | deal with new ANSI malloc stuff | |
171 | - markus@cvs.openbsd.org 2001/02/07 16:46:08 | |
172 | [xmalloc.c] | |
173 | typo in fatal() | |
174 | - itojun@cvs.openbsd.org 2001/02/07 18:04:50 | |
175 | [xmalloc.c] | |
176 | fix size_t -> int cast (use u_long). markus ok | |
4ef922e3 | 177 | - 1.47 Thu Feb 8 23:11:42 GMT 2001 by dugsong |
178 | [serverloop.c sshconnect1.c] | |
179 | mitigate SSH1 traffic analysis - from Solar Designer | |
180 | <solar@openwall.com>, ok provos@ | |
ca910e13 | 181 | - (bal) fixed sftp-client.c. Return 'status' instead of '0' |
182 | (from the OpenBSD tree) | |
6b442913 | 183 | - (bal) Synced ssh.1, ssh-add.1 and sshd.8 w/ OpenBSD |
27df9d4a | 184 | - (bal) sftp-sever.c '%8lld' to '%8llu' (OpenBSD Sync) |
17321afe | 185 | - (bal) uuencode.c resync w/ OpenBSD tree, plus whitespace. |
f98d56f0 | 186 | - (bal) A bit more whitespace cleanup |
e275684f | 187 | - (djm) Set PAM_RHOST earlier, patch from Andrew Bartlett |
188 | <abartlet@pcug.org.au> | |
b27e97b1 | 189 | - (stevesk) misc.c: ssh.h not needed. |
38a316c0 | 190 | - (stevesk) compat.c: more friendly cpp error |
94f38e16 | 191 | - (stevesk) OpenBSD sync: |
192 | - stevesk@cvs.openbsd.org 2001/02/11 06:15:57 | |
193 | [LICENSE] | |
194 | typos and small cleanup; ok deraadt@ | |
abf1f107 | 195 | |
0426a3b4 | 196 | 20010210 |
197 | - (djm) Sync sftp and scp stuff from OpenBSD: | |
198 | - djm@cvs.openbsd.org 2001/02/07 03:55:13 | |
199 | [sftp-client.c] | |
200 | Don't free handles before we are done with them. Based on work from | |
201 | Corinna Vinschen <vinschen@redhat.com>. ok markus@ | |
202 | - djm@cvs.openbsd.org 2001/02/06 22:32:53 | |
203 | [sftp.1] | |
204 | Punctuation fix from Pekka Savola <pekkas@netcore.fi> | |
205 | - deraadt@cvs.openbsd.org 2001/02/07 04:07:29 | |
206 | [sftp.1] | |
207 | pretty up significantly | |
208 | - itojun@cvs.openbsd.org 2001/02/07 06:49:42 | |
209 | [sftp.1] | |
210 | .Bl-.El mismatch. markus ok | |
211 | - djm@cvs.openbsd.org 2001/02/07 06:12:30 | |
212 | [sftp-int.c] | |
213 | Check that target is a directory before doing ls; ok markus@ | |
214 | - itojun@cvs.openbsd.org 2001/02/07 11:01:18 | |
215 | [scp.c sftp-client.c sftp-server.c] | |
216 | unsigned long long -> %llu, not %qu. markus ok | |
217 | - stevesk@cvs.openbsd.org 2001/02/07 11:10:39 | |
218 | [sftp.1 sftp-int.c] | |
219 | more man page cleanup and sync of help text with man page; ok markus@ | |
220 | - markus@cvs.openbsd.org 2001/02/07 14:58:34 | |
221 | [sftp-client.c] | |
222 | older servers reply with SSH2_FXP_NAME + count==0 instead of EOF | |
223 | - djm@cvs.openbsd.org 2001/02/07 15:27:19 | |
224 | [sftp.c] | |
225 | Don't forward agent and X11 in sftp. Suggestion from Roumen Petrov | |
226 | <roumen.petrov@skalasoft.com> | |
227 | - stevesk@cvs.openbsd.org 2001/02/07 15:36:04 | |
228 | [sftp-int.c] | |
229 | portable; ok markus@ | |
230 | - stevesk@cvs.openbsd.org 2001/02/07 15:55:47 | |
231 | [sftp-int.c] | |
232 | lowercase cmds[].c also; ok markus@ | |
233 | - markus@cvs.openbsd.org 2001/02/07 17:04:52 | |
234 | [pathnames.h sftp.c] | |
235 | allow sftp over ssh protocol 1; ok djm@ | |
236 | - deraadt@cvs.openbsd.org 2001/02/08 07:38:55 | |
237 | [scp.c] | |
238 | memory leak fix, and snprintf throughout | |
239 | - deraadt@cvs.openbsd.org 2001/02/08 08:02:02 | |
240 | [sftp-int.c] | |
241 | plug a memory leak | |
242 | - stevesk@cvs.openbsd.org 2001/02/08 10:11:23 | |
243 | [session.c sftp-client.c] | |
244 | %i -> %d | |
245 | - stevesk@cvs.openbsd.org 2001/02/08 10:57:59 | |
246 | [sftp-int.c] | |
247 | typo | |
248 | - stevesk@cvs.openbsd.org 2001/02/08 15:28:07 | |
249 | [sftp-int.c pathnames.h] | |
250 | _PATH_LS; ok markus@ | |
251 | - djm@cvs.openbsd.org 2001/02/09 04:46:25 | |
252 | [sftp-int.c] | |
253 | Check for NULL attribs for chown, chmod & chgrp operations, only send | |
254 | relevant attribs back to server; ok markus@ | |
96b64eb0 | 255 | - djm@cvs.openbsd.org 2001/02/06 15:05:25 |
256 | [sftp.c] | |
257 | Use getopt to process commandline arguments | |
258 | - djm@cvs.openbsd.org 2001/02/06 15:06:21 | |
259 | [sftp.c ] | |
260 | Wait for ssh subprocess at exit | |
261 | - djm@cvs.openbsd.org 2001/02/06 15:18:16 | |
262 | [sftp-int.c] | |
263 | stat target for remote chdir before doing chdir | |
264 | - djm@cvs.openbsd.org 2001/02/06 15:32:54 | |
265 | [sftp.1] | |
266 | Punctuation fix from Pekka Savola <pekkas@netcore.fi> | |
267 | - provos@cvs.openbsd.org 2001/02/05 22:22:02 | |
268 | [sftp-int.c] | |
269 | cleanup get_pathname, fix pwd after failed cd. okay djm@ | |
0426a3b4 | 270 | - (djm) Update makefile.in for _PATH_SFTP_SERVER |
c9f5e42e | 271 | - (bal) sftp-client.c replace NULL w/ 0 in do_ls() (pending in OpenBSD tree) |
0426a3b4 | 272 | |
6d1e1d2b | 273 | 20010209 |
274 | - (bal) patch to vis.c to deal with HAVE_VIS right by Robert Mooney | |
275 | <rjmooney@mediaone.net> | |
bb0c1991 | 276 | - (bal) .c.o rule in openbsd-compat/Makefile.in did not make it to the |
277 | main tree while porting forward. Pointed out by Lutz Jaenicke | |
278 | <Lutz.Jaenicke@aet.TU-Cottbus.DE> | |
f902d909 | 279 | - (bal) double entry in configure.in. Pointed out by Lutz Jaenicke |
280 | <Lutz.Jaenicke@aet.TU-Cottbus.DE> | |
25f4c264 | 281 | - (stevesk) OpenBSD sync: |
282 | - markus@cvs.openbsd.org 2001/02/08 11:20:01 | |
283 | [auth2.c] | |
284 | strict checking | |
285 | - markus@cvs.openbsd.org 2001/02/08 11:15:22 | |
286 | [version.h] | |
287 | update to 2.3.2 | |
288 | - markus@cvs.openbsd.org 2001/02/08 11:12:30 | |
289 | [auth2.c] | |
290 | fix typo | |
72b3f75d | 291 | - (djm) Update spec files |
0ed28836 | 292 | - (bal) OpenBSD sync: |
293 | - deraadt@cvs.openbsd.org 2001/02/08 14:38:54 | |
294 | [scp.c] | |
295 | memory leak fix, and snprintf throughout | |
1fc8ccdf | 296 | - markus@cvs.openbsd.org 2001/02/06 22:43:02 |
297 | [clientloop.c] | |
298 | remove confusing callback code | |
0b202697 | 299 | - (djm) Add CVS Id's to files that we have missed |
5ca51e19 | 300 | - (bal) OpenBSD Sync (more): |
301 | - itojun@cvs.openbsd.org 2001/02/08 19:30:52 | |
302 | sync with netbsd tree changes. | |
303 | - more strict prototypes, include necessary headers | |
304 | - use paths.h/pathnames.h decls | |
305 | - size_t typecase to int -> u_long | |
1f3bf5aa | 306 | - markus@cvs.openbsd.org 2001/02/06 22:07:42 |
307 | [ssh.c] | |
308 | fatal() if subsystem fails | |
309 | - markus@cvs.openbsd.org 2001/02/06 22:43:02 | |
310 | [ssh.c] | |
311 | remove confusing callback code | |
312 | - jakob@cvs.openbsd.org 2001/02/06 23:03:24 | |
313 | [ssh.c] | |
314 | add -1 option (force protocol version 1). ok markus@ | |
315 | - jakob@cvs.openbsd.org 2001/02/06 23:06:21 | |
316 | [ssh.c] | |
317 | reorder -{1,2,4,6} options. ok markus@ | |
e6aa01b4 | 318 | - (bal) Missing 'const' in readpass.h |
9c5a8165 | 319 | - (bal) OpenBSD Sync (so at least the thing compiles for 2.3.2 =) |
320 | - djm@cvs.openbsd.org 2001/02/06 23:30:28 | |
321 | [sftp-client.c] | |
322 | replace arc4random with counter for request ids; ok markus@ | |
bc79ed5c | 323 | - (djm) Define _PATH_TTY for systems that don't. Report from Lutz |
324 | Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE> | |
6d1e1d2b | 325 | |
6a25c04c | 326 | 20010208 |
327 | - (djm) Don't delete external askpass program in make uninstall target. | |
328 | Report and fix from Roumen Petrov <roumen.petrov@skalasoft.com> | |
6958bd37 | 329 | - (djm) Fix linking of sftp, don't need arc4random any more. |
330 | - (djm) Try to use shell that supports "test -S" for EGD socket search. | |
331 | Based on patch from Tim Rice <tim@multitalents.net> | |
6a25c04c | 332 | |
547519f0 | 333 | 20010207 |
bee0a37e | 334 | - (bal) Save the whole path to AR in configure. Some Solaris 2.7 installs |
335 | seem lose track of it while in openbsd-compat/ (two confirmed reports) | |
5c377b3b | 336 | - (djm) Much KNF on PAM code |
547519f0 | 337 | - (djm) Revise auth-pam.c conversation function to be a little more |
338 | readable. | |
5c377b3b | 339 | - (djm) Revise kbd-int PAM conversation function to fold all text messages |
340 | to before first prompt. Fixes hangs if last pam_message did not require | |
341 | a reply. | |
342 | - (djm) Fix password changing when using PAM kbd-int authentication | |
bee0a37e | 343 | |
547519f0 | 344 | 20010205 |
2b87da3b | 345 | - (bal) Disable groupaccess by setting NGROUPS_MAX to 0 for platforms |
99286dc8 | 346 | that don't have NGROUPS_MAX. |
57559587 | 347 | - (bal) AIX patch for auth1.c by William L. Jones <jones@hpc.utexas.edu> |
2b87da3b | 348 | - (stevesk) OpenBSD sync: |
349 | - stevesk@cvs.openbsd.org 2001/02/04 08:32:27 | |
350 | [many files; did this manually to our top-level source dir] | |
351 | unexpand and remove end-of-line whitespace; ok markus@ | |
408ba72f | 352 | - stevesk@cvs.openbsd.org 2001/02/04 15:21:19 |
353 | [sftp-server.c] | |
354 | SSH2_FILEXFER_ATTR_UIDGID support; ok markus@ | |
ec2a033a | 355 | - deraadt@cvs.openbsd.org 2001/02/04 17:02:32 |
356 | [sftp-int.c] | |
357 | ? == help | |
358 | - deraadt@cvs.openbsd.org 2001/02/04 16:47:46 | |
359 | [sftp-int.c] | |
360 | sort commands, so that abbreviations work as expected | |
361 | - stevesk@cvs.openbsd.org 2001/02/04 15:17:52 | |
362 | [sftp-int.c] | |
363 | debugging sftp: precedence and missing break. chmod, chown, chgrp | |
364 | seem to be working now. | |
365 | - markus@cvs.openbsd.org 2001/02/04 14:41:21 | |
366 | [sftp-int.c] | |
367 | use base 8 for umask/chmod | |
368 | - markus@cvs.openbsd.org 2001/02/04 11:11:54 | |
369 | [sftp-int.c] | |
370 | fix LCD | |
c44559d2 | 371 | - markus@cvs.openbsd.org 2001/02/04 08:10:44 |
372 | [ssh.1] | |
373 | typo; dpo@club-internet.fr | |
a5930351 | 374 | - stevesk@cvs.openbsd.org 2001/02/04 06:30:12 |
375 | [auth2.c authfd.c packet.c] | |
376 | remove duplicate #include's; ok markus@ | |
6a416424 | 377 | - deraadt@cvs.openbsd.org 2001/02/04 16:56:23 |
378 | [scp.c sshd.c] | |
379 | alpha happiness | |
380 | - stevesk@cvs.openbsd.org 2001/02/04 15:12:17 | |
381 | [sshd.c] | |
382 | precedence; ok markus@ | |
02a024dd | 383 | - deraadt@cvs.openbsd.org 2001/02/04 08:14:15 |
6a416424 | 384 | [ssh.c sshd.c] |
385 | make the alpha happy | |
02a024dd | 386 | - markus@cvs.openbsd.org 2001/01/31 13:37:24 |
387 | [channels.c channels.h serverloop.c ssh.c] | |
547519f0 | 388 | do not disconnect if local port forwarding fails, e.g. if port is |
389 | already in use | |
02a024dd | 390 | - markus@cvs.openbsd.org 2001/02/01 14:58:09 |
391 | [channels.c] | |
392 | use ipaddr in channel messages, ietf-secsh wants this | |
393 | - markus@cvs.openbsd.org 2001/01/31 12:26:20 | |
394 | [channels.c] | |
547519f0 | 395 | ssh.com-2.0.1x does not send additional info in CHANNEL_OPEN_FAILURE |
396 | messages; bug report from edmundo@rano.org | |
a741554f | 397 | - markus@cvs.openbsd.org 2001/01/31 13:48:09 |
398 | [sshconnect2.c] | |
399 | unused | |
9378f292 | 400 | - deraadt@cvs.openbsd.org 2001/02/04 08:23:08 |
401 | [sftp-client.c sftp-server.c] | |
402 | make gcc on the alpha even happier | |
1fc243d1 | 403 | |
547519f0 | 404 | 20010204 |
781a0585 | 405 | - (bal) I think this is the last of the bsd-*.h that don't belong. |
634e0b53 | 406 | - (bal) Minor Makefile fix |
f0f14bea | 407 | - (bal) openbsd-compat/Makefile minor fix. Ensure dependancies are done |
61e96248 | 408 | right. |
78987b57 | 409 | - (bal) Changed order of LIB="" in -with-skey due to library resolving. |
166e4f2a | 410 | - (bal) next-posix.h changed to bsd-nextstep.h |
61e96248 | 411 | - (djm) OpenBSD CVS sync: |
412 | - markus@cvs.openbsd.org 2001/02/03 03:08:38 | |
413 | [auth-options.c auth-rh-rsa.c auth-rhosts.c auth.c canohost.c] | |
414 | [canohost.h servconf.c servconf.h session.c sshconnect1.c sshd.8] | |
415 | [sshd_config] | |
416 | make ReverseMappingCheck optional in sshd_config; ok djm@,dugsong@ | |
417 | - markus@cvs.openbsd.org 2001/02/03 03:19:51 | |
418 | [ssh.1 sshd.8 sshd_config] | |
419 | Skey is now called ChallengeResponse | |
420 | - markus@cvs.openbsd.org 2001/02/03 03:43:09 | |
421 | [sshd.8] | |
422 | use no-pty option in .ssh/authorized_keys* if you need a 8-bit clean | |
423 | channel. note from Erik.Anggard@cygate.se (pr/1659) | |
424 | - stevesk@cvs.openbsd.org 2001/02/03 10:03:06 | |
425 | [ssh.1] | |
426 | typos; ok markus@ | |
427 | - djm@cvs.openbsd.org 2001/02/04 04:11:56 | |
428 | [scp.1 sftp-server.c ssh.1 sshd.8 sftp-client.c sftp-client.h] | |
429 | [sftp-common.c sftp-common.h sftp-int.c sftp-int.h sftp.1 sftp.c] | |
430 | Basic interactive sftp client; ok theo@ | |
431 | - (djm) Update RPM specs for new sftp binary | |
432 | - (djm) Update several bits for new optional reverse lookup stuff. I | |
433 | think I got them all. | |
8b061486 | 434 | - (djm) Makefile.in fixes |
1aa00dcb | 435 | - (stevesk) add mysignal() wrapper and use it for the protocol 2 |
436 | SIGCHLD handler. | |
408ba72f | 437 | - (djm) Use setvbuf() instead of setlinebuf(). Suggest from stevesk@ |
781a0585 | 438 | |
547519f0 | 439 | 20010203 |
63fe0529 | 440 | - (bal) Cygwin clean up by Corinna Vinschen <vinschen@redhat.com> |
bf3db92d | 441 | - (bal) renamed queue.h to fake-queue.h (even if it's an OpenBSD |
442 | based file) to ensure #include space does not get confused. | |
f78888c7 | 443 | - (bal) Minor Makefile.in tweak. dirname may not exist on some |
444 | platforms so builds fail. (NeXT being a well known one) | |
63fe0529 | 445 | |
547519f0 | 446 | 20010202 |
61e96248 | 447 | - (bal) Makefile fix where sourcedir != builddir by Corinna Vinschen |
c85a87f2 | 448 | <vinschen@redhat.com> |
71301416 | 449 | - (bal) Makefile fix to use $(MAKE) instead of 'make' for platforms |
450 | that use 'gmake'. Patch by Tim Rice <tim@multitalents.net> | |
c85a87f2 | 451 | |
547519f0 | 452 | 20010201 |
ad5075bd | 453 | - (bal) Minor fix to Makefile to stop rebuilding executables if no |
454 | changes have occured to any of the supporting code. Patch by | |
455 | Roumen Petrov <roumen.petrov@skalasoft.com> | |
456 | ||
9c8dbb1b | 457 | 20010131 |
37845585 | 458 | - (djm) OpenBSD CVS Sync: |
459 | - djm@cvs.openbsd.org 2001/01/30 15:48:53 | |
460 | [sshconnect.c] | |
461 | Make warning message a little more consistent. ok markus@ | |
8c89dd2b | 462 | - (djm) Fix autoconf logic for --with-lastlog=no Report and diagnosis from |
463 | Philipp Buehler <lists@fips.de> and Kevin Steves <stevesk@sweden.hp.com> | |
464 | respectively. | |
c59dc6bd | 465 | - (djm) Don't log SSH2 PAM KbdInt responses to debug, they may contain |
466 | passwords. | |
9c8dbb1b | 467 | - (bal) Reorder. Move all bsd-*, fake-*, next-*, and cygwin* stuff to |
468 | openbsd-compat/. And resolve all ./configure and Makefile.in issues | |
469 | assocated. | |
37845585 | 470 | |
9c8dbb1b | 471 | 20010130 |
39929cdb | 472 | - (djm) OpenBSD CVS Sync: |
473 | - markus@cvs.openbsd.org 2001/01/29 09:55:37 | |
474 | [channels.c channels.h clientloop.c serverloop.c] | |
475 | fix select overflow; ok deraadt@ and stevesk@ | |
865ac82e | 476 | - markus@cvs.openbsd.org 2001/01/29 12:42:35 |
477 | [canohost.c canohost.h channels.c clientloop.c] | |
478 | add get_peer_ipaddr(socket), x11-fwd in ssh2 requires ipaddr, not DNS | |
46aa2d1f | 479 | - markus@cvs.openbsd.org 2001/01/29 12:47:32 |
480 | [rsa.c rsa.h ssh-agent.c sshconnect1.c sshd.c] | |
481 | handle rsa_private_decrypt failures; helps against the Bleichenbacher | |
482 | pkcs#1 attack | |
ae810de7 | 483 | - djm@cvs.openbsd.org 2001/01/29 05:36:11 |
484 | [ssh.1 ssh.c] | |
485 | Allow invocation of sybsystem by commandline (-s); ok markus@ | |
83bc57f9 | 486 | - (stevesk) configure.in: remove duplicate PROG_LS |
39929cdb | 487 | |
9c8dbb1b | 488 | 20010129 |
f29ef605 | 489 | - (stevesk) sftp-server.c: use %lld vs. %qd |
490 | ||
cb9da0fc | 491 | 20010128 |
492 | - (bal) Put USE_PIPES back into sco3.2v5 | |
23c2a7a5 | 493 | - (bal) OpenBSD Sync |
9bd5b720 | 494 | - markus@cvs.openbsd.org 2001/01/28 10:15:34 |
495 | [dispatch.c] | |
496 | re-keying is not supported; ok deraadt@ | |
5fb622e4 | 497 | - markus@cvs.openbsd.org 2001/01/28 10:24:04 |
7f5c4295 | 498 | [ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh.1 sshd.8] |
5fb622e4 | 499 | cleanup AUTHORS sections |
9bd5b720 | 500 | - markus@cvs.openbsd.org 2001/01/28 10:37:26 |
ab60252b | 501 | [sshd.c sshd.8] |
9bd5b720 | 502 | remove -Q, no longer needed |
503 | - stevesk@cvs.openbsd.org 2001/01/28 20:36:16 | |
a877488a | 504 | [readconf.c ssh.1] |
9bd5b720 | 505 | ``StrictHostKeyChecking ask'' documentation and small cleanup. |
506 | ok markus@ | |
6f37606e | 507 | - stevesk@cvs.openbsd.org 2001/01/28 20:43:25 |
61e96248 | 508 | [sshd.8] |
6f37606e | 509 | spelling. ok markus@ |
95f4ccfb | 510 | - stevesk@cvs.openbsd.org 2001/01/28 20:53:21 |
511 | [xmalloc.c] | |
512 | use size_t for strlen() return. ok markus@ | |
6f37606e | 513 | - stevesk@cvs.openbsd.org 2001/01/28 22:27:05 |
514 | [authfile.c] | |
515 | spelling. use sizeof vs. strlen(). ok markus@ | |
9bd5b720 | 516 | - niklas@cvs.openbsd.org 2001/01/29 1:59:14 |
23c2a7a5 | 517 | [atomicio.h canohost.h clientloop.h deattack.h dh.h dispatch.h |
518 | groupaccess.c groupaccess.h hmac.h hostfile.h includes.h kex.h | |
519 | key.h log.h login.h match.h misc.h myproposal.h nchan.ms pathnames.h | |
520 | radix.h readpass.h rijndael.h serverloop.h session.h sftp.h ssh-add.1 | |
521 | ssh-dss.h ssh-keygen.1 ssh-keyscan.1 ssh-rsa.h ssh1.h ssh_config | |
522 | sshconnect.h sshd_config tildexpand.h uidswap.h uuencode.h] | |
523 | $OpenBSD$ | |
b0e305c9 | 524 | - (bal) Minor auth2.c resync. Whitespace and moving of an #include. |
cb9da0fc | 525 | |
c9606e03 | 526 | 20010126 |
61e96248 | 527 | - (bal) SSH_PROGRAM vs _PATH_SSH_PROGRAM fix pointed out by Roumen |
c9606e03 | 528 | Petrov <roumen.petrov@skalasoft.com> |
2f4b2e38 | 529 | - (bal) OpenBSD Sync |
530 | - deraadt@cvs.openbsd.org 2001/01/25 8:06:33 | |
531 | [ssh-agent.c] | |
532 | call _exit() in signal handler | |
c9606e03 | 533 | |
d7d5f0b2 | 534 | 20010125 |
535 | - (djm) Sync bsd-* support files: | |
536 | - deraadt@cvs.openbsd.org 2000/01/26 03:43:20 | |
537 | [rresvport.c bindresvport.c] | |
61e96248 | 538 | new bindresvport() semantics that itojun, shin, jean-luc and i have |
d7d5f0b2 | 539 | agreed on, which will be happy for the future. bindresvport_sa() for |
540 | sockaddr *, too. docs later.. | |
541 | - deraadt@cvs.openbsd.org 2000/01/24 02:24:21 | |
542 | [bindresvport.c] | |
61e96248 | 543 | in bindresvport(), if sin is non-NULL, example sin->sin_family for |
d7d5f0b2 | 544 | the actual family being processed |
e1dd3a7a | 545 | - (djm) Mention PRNGd in documentation, it is nicer than EGD |
546 | - (djm) Automatically search for "well-known" EGD/PRNGd sockets in autoconf | |
8080699b | 547 | - (bal) AC_FUNC_STRFTIME added to autoconf |
4ccb01d6 | 548 | - (bal) OpenBSD Resync |
549 | - stevesk@cvs.openbsd.org 2001/01/24 21:03:50 | |
550 | [channels.c] | |
551 | missing freeaddrinfo(); ok markus@ | |
d7d5f0b2 | 552 | |
556eb464 | 553 | 20010124 |
554 | - (bal) OpenBSD Resync | |
555 | - markus@cvs.openbsd.org 2001/01/23 10:45:10 | |
556 | [ssh.h] | |
61e96248 | 557 | nuke comment |
1aecda34 | 558 | - (bal) no 64bit support patch from Tim Rice <tim@multitalents.net> |
559 | - (bal) #ifdef around S_IFSOCK if platform does not support it. | |
560 | patch by Tim Rice <tim@multitalents.net> | |
561 | - (bal) fake-regex.h cleanup based on Tim Rice's patch. | |
c33f0b36 | 562 | - (stevesk) sftp-server.c: fix chmod() mode mask |
556eb464 | 563 | |
effa6591 | 564 | 20010123 |
565 | - (bal) regexp.h typo in configure.in. Should have been regex.h | |
566 | - (bal) SSH_USER_DIR to _PATH_SSH_USER_DIR patch by stevesk@ | |
61e96248 | 567 | - (bal) SSH_ASKPASS_DEFAULT to _PATH_SSH_ASKPASS_DEFAULT |
53a24016 | 568 | - (bal) OpenBSD Resync |
569 | - markus@cvs.openbsd.org 2001/01/22 8:15:00 | |
570 | [auth-krb4.c sshconnect1.c] | |
571 | only AFS needs radix.[ch] | |
572 | - markus@cvs.openbsd.org 2001/01/22 8:32:53 | |
573 | [auth2.c] | |
574 | no need to include; from mouring@etoh.eviladmin.org | |
575 | - stevesk@cvs.openbsd.org 2001/01/22 16:55:21 | |
576 | [key.c] | |
577 | free() -> xfree(); ok markus@ | |
578 | - stevesk@cvs.openbsd.org 2001/01/22 17:22:28 | |
579 | [sshconnect2.c sshd.c] | |
580 | fix memory leaks in SSH2 key exchange; ok markus@ | |
d464095c | 581 | - markus@cvs.openbsd.org 2001/01/22 23:06:39 |
582 | [auth1.c auth2.c readconf.c readconf.h servconf.c servconf.h | |
583 | sshconnect1.c sshconnect2.c sshd.c] | |
584 | rename skey -> challenge response. | |
585 | auto-enable kbd-interactive for ssh2 if challenge-reponse is enabled. | |
53a24016 | 586 | |
effa6591 | 587 | |
42f11eb2 | 588 | 20010122 |
589 | - (bal) OpenBSD Resync | |
590 | - markus@cvs.openbsd.org 2001/01/19 12:45:26 GMT 2001 by markus | |
591 | [servconf.c ssh.h sshd.c] | |
592 | only auth-chall.c needs #ifdef SKEY | |
593 | - markus@cvs.openbsd.org 2001/01/19 15:55:10 GMT 2001 by markus | |
594 | [auth-krb4.c auth-options.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c | |
595 | auth1.c auth2.c channels.c clientloop.c dh.c dispatch.c nchan.c | |
596 | packet.c pathname.h readconf.c scp.c servconf.c serverloop.c | |
597 | session.c ssh-add.c ssh-keygen.c ssh-keyscan.c ssh.c ssh.h | |
598 | ssh1.h sshconnect1.c sshd.c ttymodes.c] | |
599 | move ssh1 definitions to ssh1.h, pathnames to pathnames.h | |
600 | - markus@cvs.openbsd.org 2001/01/19 16:48:14 | |
601 | [sshd.8] | |
602 | fix typo; from stevesk@ | |
603 | - markus@cvs.openbsd.org 2001/01/19 16:50:58 | |
604 | [ssh-dss.c] | |
61e96248 | 605 | clear and free digest, make consistent with other code (use dlen); from |
42f11eb2 | 606 | stevesk@ |
607 | - markus@cvs.openbsd.org 2001/01/20 15:55:20 GMT 2001 by markus | |
608 | [auth-options.c auth-options.h auth-rsa.c auth2.c] | |
609 | pass the filename to auth_parse_options() | |
61e96248 | 610 | - markus@cvs.openbsd.org 2001/01/20 17:59:40 GMT 2001 |
42f11eb2 | 611 | [readconf.c] |
612 | fix SIGSEGV from -o ""; problem noted by jehsom@togetherweb.com | |
613 | - stevesk@cvs.openbsd.org 2001/01/20 18:20:29 | |
614 | [sshconnect2.c] | |
615 | dh_new_group() does not return NULL. ok markus@ | |
616 | - markus@cvs.openbsd.org 2001/01/20 21:33:42 | |
617 | [ssh-add.c] | |
61e96248 | 618 | do not loop forever if askpass does not exist; from |
42f11eb2 | 619 | andrew@pimlott.ne.mediaone.net |
620 | - djm@cvs.openbsd.org 2001/01/20 23:00:56 | |
621 | [servconf.c] | |
622 | Check for NULL return from strdelim; ok markus | |
623 | - djm@cvs.openbsd.org 2001/01/20 23:02:07 | |
624 | [readconf.c] | |
625 | KNF; ok markus | |
626 | - jakob@cvs.openbsd.org 2001/01/21 9:00:33 | |
627 | [ssh-keygen.1] | |
628 | remove -R flag; ok markus@ | |
629 | - markus@cvs.openbsd.org 2001/01/21 19:05:40 | |
630 | [atomicio.c automicio.h auth-chall.c auth-krb4.c auth-options.c | |
631 | auth-options.h auth-passwd.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c | |
632 | auth.c auth.h auth1.c auth2-chall.c auth2.c authfd.c authfile.c | |
633 | bufaux.c bufaux.h buffer.c canahost.c canahost.h channels.c | |
634 | cipher.c cli.c clientloop.c clientloop.h compat.c compress.c | |
635 | deattack.c dh.c dispatch.c groupaccess.c hmac.c hostfile.c kex.c | |
636 | key.c key.h log-client.c log-server.c log.c log.h login.c login.h | |
637 | match.c misc.c misc.h nchan.c packet.c pty.c radix.h readconf.c | |
638 | readpass.c readpass.h rsa.c scp.c servconf.c serverloop.c serverloop.h | |
639 | session.c sftp-server.c ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c | |
61e96248 | 640 | ssh-keyscan.c ssh-rsa.c ssh.c ssh.h sshconnect.c sshconnect.h |
42f11eb2 | 641 | sshconnect1.c sshconnect2.c sshd.c tildexpand.c tildexpand.h |
642 | ttysmodes.c uidswap.c xmalloc.c] | |
61e96248 | 643 | split ssh.h and try to cleanup the #include mess. remove unnecessary |
42f11eb2 | 644 | #includes. rename util.[ch] -> misc.[ch] |
645 | - (bal) renamed 'PIDDIR' to '_PATH_SSH_PIDDIR' to match OpenBSD tree | |
61e96248 | 646 | - (bal) Moved #ifdef KRB4 in auth-krb4.c above the #include to resolve |
42f11eb2 | 647 | conflict when compiling for non-kerb install |
648 | - (bal) removed the #ifdef SKEY in auth1.c to match Markus' changes | |
649 | on 1/19. | |
650 | ||
6005a40c | 651 | 20010120 |
652 | - (bal) OpenBSD Resync | |
653 | - markus@cvs.openbsd.org 2001/01/19 12:45:26 | |
654 | [ssh-chall.c servconf.c servconf.h ssh.h sshd.c] | |
655 | only auth-chall.c needs #ifdef SKEY | |
47af6577 | 656 | - (bal) Slight auth2-pam.c clean up. |
657 | - (bal) Includes a fake-regexp.h to be only used if regcomp() is found, | |
658 | but no 'regexp.h' found (SCO OpenServer 3 lacks the header). | |
6005a40c | 659 | |
922e6493 | 660 | 20010119 |
661 | - (djm) Update versions in RPM specfiles | |
59c97189 | 662 | - (bal) OpenBSD Resync |
663 | - markus@cvs.openbsd.org 2001/01/18 16:20:21 | |
664 | [log-client.c log-server.c log.c readconf.c servconf.c ssh.1 ssh.h | |
665 | sshd.8 sshd.c] | |
61e96248 | 666 | log() is at pri=LOG_INFO, since LOG_NOTICE goes to /dev/console on many |
59c97189 | 667 | systems |
668 | - markus@cvs.openbsd.org 2001/01/18 16:59:59 | |
669 | [auth-passwd.c auth.c auth.h auth1.c auth2.c serverloop.c session.c | |
670 | session.h sshconnect1.c] | |
671 | 1) removes fake skey from sshd, since this will be much | |
672 | harder with /usr/libexec/auth/login_XXX | |
673 | 2) share/unify code used in ssh-1 and ssh-2 authentication (server side) | |
674 | 3) make addition of BSD_AUTH and other challenge reponse methods | |
675 | easier. | |
676 | - markus@cvs.openbsd.org 2001/01/18 17:12:43 | |
677 | [auth-chall.c auth2-chall.c] | |
678 | rename *-skey.c *-chall.c since the files are not skey specific | |
04fc7a67 | 679 | - (djm) Merge patch from Tim Waugh (via Nalin Dahyabhai <nalin@redhat.com>) |
680 | to fix NULL pointer deref and fake authloop breakage in PAM code. | |
f4ebf0e8 | 681 | - (bal) Updated contrib/cygwin/ by Corinna Vinschen <vinschen@redhat.com> |
3c418020 | 682 | - (bal) Minor cygwin patch to auth1.c. Suggested by djm. |
61e96248 | 683 | |
b5c334cc | 684 | 20010118 |
685 | - (bal) Super Sized OpenBSD Resync | |
686 | - markus@cvs.openbsd.org 2001/01/11 22:14:20 GMT 2001 by markus | |
687 | [sshd.c] | |
688 | maxfd+1 | |
689 | - markus@cvs.openbsd.org 2001/01/13 17:59:18 | |
690 | [ssh-keygen.1] | |
691 | small ssh-keygen manpage cleanup; stevesk@pobox.com | |
692 | - markus@cvs.openbsd.org 2001/01/13 18:03:07 | |
693 | [scp.c ssh-keygen.c sshd.c] | |
694 | getopt() returns -1 not EOF; stevesk@pobox.com | |
695 | - markus@cvs.openbsd.org 2001/01/13 18:06:54 | |
696 | [ssh-keyscan.c] | |
697 | use SSH_DEFAULT_PORT; from stevesk@pobox.com | |
698 | - markus@cvs.openbsd.org 2001/01/13 18:12:47 | |
699 | [ssh-keyscan.c] | |
700 | free() -> xfree(); fix memory leak; from stevesk@pobox.com | |
701 | - markus@cvs.openbsd.org 2001/01/13 18:14:13 | |
702 | [ssh-add.c] | |
703 | typo, from stevesk@sweden.hp.com | |
704 | - markus@cvs.openbsd.org 2001/01/13 18:32:50 | |
61e96248 | 705 | [packet.c session.c ssh.c sshconnect.c sshd.c] |
b5c334cc | 706 | split out keepalive from packet_interactive (from dale@accentre.com) |
707 | set IPTOS_LOWDELAY TCP_NODELAY IPTOS_THROUGHPUT for ssh2, too. | |
708 | - markus@cvs.openbsd.org 2001/01/13 18:36:45 | |
709 | [packet.c packet.h] | |
710 | reorder, typo | |
711 | - markus@cvs.openbsd.org 2001/01/13 18:38:00 | |
712 | [auth-options.c] | |
713 | fix comment | |
714 | - markus@cvs.openbsd.org 2001/01/13 18:43:31 | |
715 | [session.c] | |
716 | Wall | |
61e96248 | 717 | - markus@cvs.openbsd.org 2001/01/13 19:14:08 |
b5c334cc | 718 | [clientloop.h clientloop.c ssh.c] |
719 | move callback to headerfile | |
720 | - markus@cvs.openbsd.org 2001/01/15 21:40:10 | |
721 | [ssh.c] | |
722 | use log() instead of stderr | |
723 | - markus@cvs.openbsd.org 2001/01/15 21:43:51 | |
724 | [dh.c] | |
725 | use error() not stderr! | |
726 | - markus@cvs.openbsd.org 2001/01/15 21:45:29 | |
727 | [sftp-server.c] | |
728 | rename must fail if newpath exists, debug off by default | |
729 | - markus@cvs.openbsd.org 2001/01/15 21:46:38 | |
730 | [sftp-server.c] | |
731 | readable long listing for sftp-server, ok deraadt@ | |
732 | - markus@cvs.openbsd.org 2001/01/16 19:20:06 | |
733 | [key.c ssh-rsa.c] | |
61e96248 | 734 | make "ssh-rsa" key format for ssh2 confirm to the ietf-drafts; from |
735 | galb@vandyke.com. note that you have to delete older ssh2-rsa keys, | |
736 | since they are in the wrong format, too. they must be removed from | |
b5c334cc | 737 | .ssh/authorized_keys2 and .ssh/known_hosts2, etc. |
61e96248 | 738 | (cd; grep -v ssh-rsa .ssh/authorized_keys2 > TMP && mv TMP |
739 | .ssh/authorized_keys2) additionally, we now check that | |
b5c334cc | 740 | BN_num_bits(rsa->n) >= 768. |
741 | - markus@cvs.openbsd.org 2001/01/16 20:54:27 | |
742 | [sftp-server.c] | |
743 | remove some statics. simpler handles; idea from nisse@lysator.liu.se | |
744 | - deraadt@cvs.openbsd.org 2001/01/16 23:58:08 | |
745 | [bufaux.c radix.c sshconnect.h sshconnect1.c] | |
746 | indent | |
747 | - (bal) Added bsd-strmode.[ch] since some non-OpenBSD platforms may | |
748 | be missing such feature. | |
749 | ||
61e96248 | 750 | |
52ce34a2 | 751 | 20010117 |
752 | - (djm) Only write random seed file at exit | |
717057b6 | 753 | - (djm) Make PAM support optional, enable with --with-pam |
61e96248 | 754 | - (djm) Try to use libcrypt on Linux, but link it after OpenSSL (which |
717057b6 | 755 | provides a crypt() of its own) |
756 | - (djm) Avoid a warning in bsd-bindresvport.c | |
757 | - (djm) Try to avoid adding -I/usr/include to CPPFLAGS during SSL tests. This | |
61e96248 | 758 | can cause weird segfaults errors on Solaris |
8694a1ce | 759 | - (djm) Avoid warning in PAM code by making read_passphrase arguments const |
d748039d | 760 | - (djm) Add --with-pam to RPM spec files |
52ce34a2 | 761 | |
2fd3c144 | 762 | 20010115 |
763 | - (bal) sftp-server.c change to use chmod() if fchmod() does not exist. | |
89c7e31c | 764 | - (bal) utimes() support via utime() interface on machine that lack utimes(). |
2fd3c144 | 765 | |
63b68889 | 766 | 20010114 |
767 | - (stevesk) initial work for OpenBSD "support supplementary group in | |
768 | {Allow,Deny}Groups" patch: | |
769 | - import getgrouplist.c from OpenBSD (bsd-getgrouplist.c) | |
770 | - add bsd-getgrouplist.h | |
771 | - new files groupaccess.[ch] | |
772 | - build but don't use yet (need to merge auth.c changes) | |
c6a69271 | 773 | - (stevesk) complete: |
774 | - markus@cvs.openbsd.org 2001/01/13 11:56:48 | |
775 | [auth.c sshd.8] | |
776 | support supplementary group in {Allow,Deny}Groups | |
777 | from stevesk@pobox.com | |
61e96248 | 778 | |
f546c780 | 779 | 20010112 |
780 | - (bal) OpenBSD Sync | |
781 | - markus@cvs.openbsd.org 2001/01/10 22:56:22 | |
782 | [bufaux.h bufaux.c sftp-server.c sftp.h getput.h] | |
783 | cleanup sftp-server implementation: | |
547519f0 | 784 | add buffer_get_int64, buffer_put_int64, GET_64BIT, PUT_64BIT |
785 | parse SSH2_FILEXFER_ATTR_EXTENDED | |
786 | send SSH2_FX_EOF if readdir returns no more entries | |
787 | reply to SSH2_FXP_EXTENDED message | |
788 | use #defines from the draft | |
789 | move #definations to sftp.h | |
f546c780 | 790 | more info: |
61e96248 | 791 | http://www.ietf.org/internet-drafts/draft-ietf-secsh-filexfer-00.txt |
f546c780 | 792 | - markus@cvs.openbsd.org 2001/01/10 19:43:20 |
793 | [sshd.c] | |
794 | XXX - generate_empheral_server_key() is not safe against races, | |
61e96248 | 795 | because it calls log() |
f546c780 | 796 | - markus@cvs.openbsd.org 2001/01/09 21:19:50 |
797 | [packet.c] | |
798 | allow TCP_NDELAY for ipv6; from netbsd via itojun@ | |
799 | ||
9548d6c8 | 800 | 20010110 |
801 | - (djm) SNI/Reliant Unix needs USE_PIPES and $DISPLAY hack. Report from | |
802 | Bladt Norbert <Norbert.Bladt@adi.ch> | |
803 | ||
af972861 | 804 | 20010109 |
805 | - (bal) Resync CVS ID of cli.c | |
4b80e97b | 806 | - (stevesk) auth1.c: free should be after WITH_AIXAUTHENTICATE |
807 | code. | |
eea39c02 | 808 | - (bal) OpenBSD Sync |
809 | - markus@cvs.openbsd.org 2001/01/08 22:29:05 | |
810 | [auth2.c compat.c compat.h servconf.c servconf.h sshd.8 | |
811 | sshd_config version.h] | |
812 | implement option 'Banner /etc/issue.net' for ssh2, move version to | |
813 | 2.3.1 (needed for bugcompat detection, 2.3.0 would fail if Banner | |
814 | is enabled). | |
815 | - markus@cvs.openbsd.org 2001/01/08 22:03:23 | |
816 | [channels.c ssh-keyscan.c] | |
817 | O_NDELAY -> O_NONBLOCK; thanks stevesk@pobox.com | |
818 | - markus@cvs.openbsd.org 2001/01/08 21:55:41 | |
819 | [sshconnect1.c] | |
820 | more cleanups and fixes from stevesk@pobox.com: | |
821 | 1) try_agent_authentication() for loop will overwrite key just | |
822 | allocated with key_new(); don't alloc | |
823 | 2) call ssh_close_authentication_connection() before exit | |
824 | try_agent_authentication() | |
825 | 3) free mem on bad passphrase in try_rsa_authentication() | |
826 | - markus@cvs.openbsd.org 2001/01/08 21:48:17 | |
827 | [kex.c] | |
828 | missing free; thanks stevesk@pobox.com | |
f1c4659d | 829 | - (bal) Detect if clock_t structure exists, if not define it. |
830 | - (bal) Detect if O_NONBLOCK exists, if not define it. | |
831 | - (bal) removed news4-posix.h (now empty) | |
832 | - (bal) changed bsd-bindresvport.c and bsd-rresvport.c to use 'socklen_t' | |
833 | instead of 'int' | |
adc83ebf | 834 | - (stevesk) sshd_config: sync |
4f771a33 | 835 | - (stevesk) defines.h: remove spurious ``;'' |
af972861 | 836 | |
bbcf899f | 837 | 20010108 |
838 | - (bal) Fixed another typo in cli.c | |
839 | - (bal) OpenBSD Sync | |
840 | - markus@cvs.openbsd.org 2001/01/07 21:26:55 | |
841 | [cli.c] | |
842 | typo | |
843 | - markus@cvs.openbsd.org 2001/01/07 21:26:55 | |
844 | [cli.c] | |
845 | missing free, stevesk@pobox.com | |
846 | - markus@cvs.openbsd.org 2001/01/07 19:06:25 | |
847 | [auth1.c] | |
848 | missing free, stevesk@pobox.com | |
849 | - markus@cvs.openbsd.org 2001/01/07 11:28:04 | |
850 | [log-client.c log-server.c log.c readconf.c servconf.c ssh.1 | |
851 | ssh.h sshd.8 sshd.c] | |
852 | rename SYSLOG_LEVEL_INFO->SYSLOG_LEVEL_NOTICE | |
853 | syslog priority changes: | |
854 | fatal() LOG_ERR -> LOG_CRIT | |
855 | log() LOG_INFO -> LOG_NOTICE | |
b8c37305 | 856 | - Updated TODO |
bbcf899f | 857 | |
9616313f | 858 | 20010107 |
859 | - (bal) OpenBSD Sync | |
860 | - markus@cvs.openbsd.org 2001/01/06 11:23:27 | |
861 | [ssh-rsa.c] | |
862 | remove unused | |
863 | - itojun@cvs.openbsd.org 2001/01/05 08:23:29 | |
864 | [ssh-keyscan.1] | |
865 | missing .El | |
866 | - markus@cvs.openbsd.org 2001/01/04 22:41:03 | |
867 | [session.c sshconnect.c] | |
868 | consistent use of _PATH_BSHELL; from stevesk@pobox.com | |
869 | - djm@cvs.openbsd.org 2001/01/04 22:35:32 | |
870 | [ssh.1 sshd.8] | |
871 | Mention AES as available SSH2 Cipher; ok markus | |
872 | - markus@cvs.openbsd.org 2001/01/04 22:25:58 | |
873 | [sshd.c] | |
874 | sync usage()/man with defaults; from stevesk@pobox.com | |
875 | - markus@cvs.openbsd.org 2001/01/04 22:21:26 | |
876 | [sshconnect2.c] | |
877 | handle SSH2_MSG_USERAUTH_BANNER; fixes bug when connecting to a server | |
878 | that prints a banner (e.g. /etc/issue.net) | |
61e96248 | 879 | |
1877dc0c | 880 | 20010105 |
881 | - (bal) contrib/caldera/ provided by Tim Rice <tim@multitalents.net> | |
5a64a938 | 882 | - (bal) bsd-getcwd.c and bsd-setenv.c changed from bcopy() to memmove() |
1877dc0c | 883 | |
488c06c8 | 884 | 20010104 |
885 | - (djm) Fix memory leak on systems with BROKEN_GETADDRINFO. Based on | |
886 | work by Chris Vaughan <vaughan99@yahoo.com> | |
887 | ||
7c49df64 | 888 | 20010103 |
889 | - (bal) fixed up sshconnect.c so it was closer inline with the OpenBSD | |
890 | tree (mainly positioning) | |
891 | - (bal) OpenSSH CVS Update | |
892 | - markus@cvs.openbsd.org 2001/01/02 20:41:02 | |
893 | [packet.c] | |
894 | log remote ip on disconnect; PR 1600 from jcs@rt.fm | |
895 | - markus@cvs.openbsd.org 2001/01/02 20:50:56 | |
896 | [sshconnect.c] | |
61e96248 | 897 | strict_host_key_checking for host_status != HOST_CHANGED && |
7c49df64 | 898 | ip_status == HOST_CHANGED |
61e96248 | 899 | - (bal) authfile.c: Synced CVS ID tag |
2c523de9 | 900 | - (bal) UnixWare 2.0 fixes by Tim Rice <tim@multitalents.net> |
901 | - (bal) Disable sftp-server if no 64bit int support exists. Based on | |
902 | patch by Tim Rice <tim@multitalents.net> | |
903 | - (bal) Makefile.in changes to uninstall: target to remove sftp-server | |
904 | and sftp-server.8 manpage. | |
7c49df64 | 905 | |
a421e945 | 906 | 20010102 |
907 | - (bal) OpenBSD CVS Update | |
908 | - markus@cvs.openbsd.org 2001/01/01 14:52:49 | |
909 | [scp.c] | |
910 | use shared fatal(); from stevesk@pobox.com | |
911 | ||
0efc80a7 | 912 | 20001231 |
913 | - (bal) Reverted out of MAXHOSTNAMELEN. This should be set per OS. | |
914 | for multiple reasons. | |
b1335fdf | 915 | - (bal) Reverted out of a partial NeXT patch. |
0efc80a7 | 916 | |
efcae5b1 | 917 | 20001230 |
918 | - (bal) OpenBSD CVS Update | |
919 | - markus@cvs.openbsd.org 2000/12/28 18:58:30 | |
920 | [ssh-keygen.c] | |
921 | enable 'ssh-keygen -l -f ~/.ssh/{authorized_keys,known_hosts}{,2} | |
b148018f | 922 | - markus@cvs.openbsd.org 2000/12/29 22:19:13 |
923 | [channels.c] | |
924 | missing xfree; from vaughan99@yahoo.com | |
efcae5b1 | 925 | - (bal) Resynced CVS ID with OpenBSD for channel.c and uidswap.c |
03a14cc9 | 926 | - (bal) if no MAXHOSTNAMELEN is defined. Default to 64 character defination. |
34665bf7 | 927 | Suggested by Christian Kurz <shorty@debian.org> |
cb6dabf4 | 928 | - (bal) Add in '.c.o' section to Makefile.in to address make programs that |
61e96248 | 929 | don't honor CPPFLAGS by default. Suggested by Lutz Jaenicke |
cb6dabf4 | 930 | <Lutz.Jaenicke@aet.TU-Cottbus.DE> |
0dd78cd8 | 931 | |
932 | 20001229 | |
61e96248 | 933 | - (bal) Fixed spelling of 'authorized_keys' in ssh-copy-id.1 by Christian |
34665bf7 | 934 | Kurz <shorty@debian.org> |
8abcdba4 | 935 | - (bal) OpenBSD CVS Update |
936 | - markus@cvs.openbsd.org 2000/12/28 14:25:51 | |
937 | [auth.h auth2.c] | |
938 | count authentication failures only | |
939 | - markus@cvs.openbsd.org 2000/12/28 14:25:03 | |
940 | [sshconnect.c] | |
941 | fingerprint for MITM attacks, too. | |
942 | - markus@cvs.openbsd.org 2000/12/28 12:03:57 | |
943 | [sshd.8 sshd.c] | |
944 | document -D | |
945 | - markus@cvs.openbsd.org 2000/12/27 14:19:21 | |
946 | [serverloop.c] | |
947 | less chatty | |
948 | - markus@cvs.openbsd.org 2000/12/27 12:34 | |
949 | [auth1.c sshconnect2.c sshd.c] | |
950 | typo | |
951 | - markus@cvs.openbsd.org 2000/12/27 12:30:19 | |
952 | [readconf.c readconf.h ssh.1 sshconnect.c] | |
953 | new option: HostKeyAlias: allow the user to record the host key | |
954 | under a different name. This is useful for ssh tunneling over | |
955 | forwarded connections or if you run multiple sshd's on different | |
956 | ports on the same machine. | |
957 | - markus@cvs.openbsd.org 2000/12/27 11:51:53 | |
958 | [ssh.1 ssh.c] | |
959 | multiple -t force pty allocation, document ORIGINAL_COMMAND | |
960 | - markus@cvs.openbsd.org 2000/12/27 11:41:31 | |
961 | [sshd.8] | |
962 | update for ssh-2 | |
c52c7082 | 963 | - (stevesk) compress.[ch] sync with openbsd; missed in prototype |
964 | fix merge. | |
0dd78cd8 | 965 | |
8f523d67 | 966 | 20001228 |
967 | - (bal) Patch to add libutil.h to loginrec.c only if the platform has | |
968 | libutil.h. Suggested by Pekka Savola <pekka@netcore.fi> | |
9fb76616 | 969 | - (djm) Update to new x11-askpass in RPM spec |
0dd78cd8 | 970 | - (bal) SCO patch to not include <sys/queue.h> since it's unrelated |
971 | header. Patch by Tim Rice <tim@multitalents.net> | |
972 | - Updated TODO w/ known HP/UX issue | |
973 | - (bal) removed extra <netdb.h> noticed by Kevin Steves and removed the | |
974 | bad reference to 'NeXT including it else were' on the #ifdef version. | |
8f523d67 | 975 | |
b03bd394 | 976 | 20001227 |
61e96248 | 977 | - (bal) Typo in configure.in: entut?ent should be endut?ent. Suggested by |
b03bd394 | 978 | Takumi Yamane <yamtak@b-session.com> |
979 | - (bal) Checks for getrlimit(), sysconf(), and setdtablesize(). Patch | |
8f523d67 | 980 | by Corinna Vinschen <vinschen@redhat.com> |
981 | - (djm) Fix catman-do target for non-bash | |
61e96248 | 982 | - (bal) Typo in configure.in: entut?ent should be endut?ent. Suggested by |
8f523d67 | 983 | Takumi Yamane <yamtak@b-session.com> |
984 | - (bal) Checks for getrlimit(), sysconf(), and setdtablesize(). Patch | |
b03bd394 | 985 | by Corinna Vinschen <vinschen@redhat.com> |
13991f8e | 986 | - (djm) Fix catman-do target for non-bash |
61e96248 | 987 | - (bal) Fixed NeXT's lack of CPPFLAGS honoring. |
988 | - (bal) ssh-keyscan.c: NeXT (and older BSDs) don't support getrlimit() w/ | |
f318b98b | 989 | 'RLIMIT_NOFILE' |
61e96248 | 990 | - (djm) Remove *.Ylonen files. They are no longer in the OpenBSD tree, |
991 | the info in COPYING.Ylonen has been moved to the start of each | |
3bdf55b1 | 992 | SSH1-derived file and README.Ylonen is well out of date. |
b03bd394 | 993 | |
8d88011e | 994 | 20001223 |
995 | - (bal) Fixed Makefile.in to support recompile of all ssh and sshd objects | |
996 | if a change to config.h has occurred. Suggested by Gert Doering | |
997 | <gert@greenie.muc.de> | |
998 | - (bal) OpenBSD CVS Update: | |
999 | - markus@cvs.openbsd.org 2000/12/22 16:49:40 | |
1000 | [ssh-keygen.c] | |
1001 | fix ssh-keygen -x -t type > file; from Roumen.Petrov@skalasoft.com | |
1002 | ||
1e3b8b07 | 1003 | 20001222 |
1004 | - Updated RCSID for pty.c | |
1005 | - (bal) OpenBSD CVS Updates: | |
1006 | - markus@cvs.openbsd.org 2000/12/21 15:10:16 | |
1007 | [auth-rh-rsa.c hostfile.c hostfile.h sshconnect.c] | |
1008 | print keyfile:line for changed hostkeys, for deraadt@, ok deraadt@ | |
1009 | - markus@cvs.openbsd.org 2000/12/20 19:26:56 | |
1010 | [authfile.c] | |
1011 | allow ssh -i userkey for root | |
1012 | - markus@cvs.openbsd.org 2000/12/20 19:37:21 | |
1013 | [authfd.c authfd.h kex.c sshconnect2.c sshd.c uidswap.c uidswap.h] | |
1014 | fix prototypes; from stevesk@pobox.com | |
1015 | - markus@cvs.openbsd.org 2000/12/20 19:32:08 | |
1016 | [sshd.c] | |
1017 | init pointer to NULL; report from Jan.Ivan@cern.ch | |
1018 | - markus@cvs.openbsd.org 2000/12/19 23:17:54 | |
1019 | [auth-krb4.c auth-options.c auth-options.h auth-rhosts.c auth-rsa.c | |
1020 | auth1.c auth2-skey.c auth2.c authfd.c authfd.h authfile.c bufaux.c | |
1021 | bufaux.h buffer.c canohost.c channels.c clientloop.c compress.c | |
1022 | crc32.c deattack.c getput.h hmac.c hmac.h hostfile.c kex.c kex.h | |
1023 | key.c key.h log.c login.c match.c match.h mpaux.c mpaux.h packet.c | |
1024 | packet.h radix.c readconf.c rsa.c scp.c servconf.c servconf.h | |
1025 | serverloop.c session.c sftp-server.c ssh-agent.c ssh-dss.c ssh-dss.h | |
1026 | ssh-keygen.c ssh-keyscan.c ssh-rsa.c ssh-rsa.h ssh.c ssh.h uuencode.c | |
1027 | uuencode.h sshconnect1.c sshconnect2.c sshd.c tildexpand.c] | |
1028 | replace 'unsigned bla' with 'u_bla' everywhere. also replace 'char | |
1029 | unsigned' with u_char. | |
1030 | ||
67b0facb | 1031 | 20001221 |
1032 | - (stevesk) OpenBSD CVS updates: | |
1033 | - markus@cvs.openbsd.org 2000/12/19 15:43:45 | |
1034 | [authfile.c channels.c sftp-server.c ssh-agent.c] | |
1035 | remove() -> unlink() for consistency | |
1036 | - markus@cvs.openbsd.org 2000/12/19 15:48:09 | |
1037 | [ssh-keyscan.c] | |
1038 | replace <ssl/x.h> with <openssl/x.h> | |
1039 | - markus@cvs.openbsd.org 2000/12/17 02:33:40 | |
1040 | [uidswap.c] | |
1041 | typo; from wsanchez@apple.com | |
61e96248 | 1042 | |
adeebd37 | 1043 | 20001220 |
61e96248 | 1044 | - (djm) Workaround PAM inconsistencies between Solaris derived PAM code |
adeebd37 | 1045 | and Linux-PAM. Based on report and fix from Andrew Morgan |
1046 | <morgan@transmeta.com> | |
1047 | ||
f072c47a | 1048 | 20001218 |
1049 | - (stevesk) rsa.c: entropy.h not needed. | |
0c2fb82f | 1050 | - (bal) split CFLAGS into CFLAGS and CPPFLAGS in configure.in and Makefile. |
1051 | Suggested by Wilfredo Sanchez <wsanchez@apple.com> | |
f072c47a | 1052 | |
731c1541 | 1053 | 20001216 |
1054 | - (stevesk) OpenBSD CVS updates: | |
1055 | - markus@cvs.openbsd.org 2000/12/16 02:53:57 | |
1056 | [scp.c] | |
1057 | allow + in usernames; request from Florian.Weimer@RUS.Uni-Stuttgart.DE | |
1058 | - markus@cvs.openbsd.org 2000/12/16 02:39:57 | |
1059 | [scp.c] | |
1060 | unused; from stevesk@pobox.com | |
1061 | ||
227e8e86 | 1062 | 20001215 |
9853409f | 1063 | - (stevesk) Old OpenBSD patch wasn't completely applied: |
1064 | - markus@cvs.openbsd.org 2000/01/24 22:11:20 | |
1065 | [scp.c] | |
1066 | allow '.' in usernames; from jedgar@fxp.org | |
227e8e86 | 1067 | - (stevesk) OpenBSD CVS updates: |
1068 | - markus@cvs.openbsd.org 2000/12/13 16:26:53 | |
1069 | [ssh-keyscan.c] | |
1070 | fatal already adds \n; from stevesk@pobox.com | |
1071 | - markus@cvs.openbsd.org 2000/12/13 16:25:44 | |
1072 | [ssh-agent.c] | |
1073 | remove redundant spaces; from stevesk@pobox.com | |
1074 | - ho@cvs.openbsd.org 2000/12/12 15:50:21 | |
1075 | [pty.c] | |
1076 | When failing to set tty owner and mode on a read-only filesystem, don't | |
1077 | abort if the tty already has correct owner and reasonably sane modes. | |
1078 | Example; permit 'root' to login to a firewall with read-only root fs. | |
1079 | (markus@ ok) | |
1080 | - deraadt@cvs.openbsd.org 2000/12/13 06:36:05 | |
1081 | [pty.c] | |
1082 | KNF | |
6ffc9c88 | 1083 | - markus@cvs.openbsd.org 2000/12/12 14:45:21 |
1084 | [sshd.c] | |
1085 | source port < 1024 is no longer required for rhosts-rsa since it | |
1086 | adds no additional security. | |
1087 | - markus@cvs.openbsd.org 2000/12/12 16:11:49 | |
1088 | [ssh.1 ssh.c] | |
1089 | rhosts-rsa is no longer automagically disabled if ssh is not privileged. | |
1090 | UsePrivilegedPort=no disables rhosts-rsa _only_ for old servers. | |
1091 | these changes should not change the visible default behaviour of the ssh client. | |
71c0d06a | 1092 | - deraadt@cvs.openbsd.org 2000/12/11 10:27:33 |
1093 | [scp.c] | |
1094 | when copying 0-sized files, do not re-print ETA time at completion | |
3e1caa83 | 1095 | - provos@cvs.openbsd.org 2000/12/15 10:30:15 |
1096 | [kex.c kex.h sshconnect2.c sshd.c] | |
1097 | compute diffie-hellman in parallel between server and client. okay markus@ | |
227e8e86 | 1098 | |
6c935fbd | 1099 | 20001213 |
1100 | - (djm) Make sure we reset the SIGPIPE disposition after we fork. Report | |
1101 | from Andreas M. Kirchwitz <amk@krell.zikzak.de> | |
227e8e86 | 1102 | - (stevesk) OpenBSD CVS update: |
1fe6a48f | 1103 | - markus@cvs.openbsd.org 2000/12/12 15:30:02 |
1104 | [ssh-keyscan.c ssh.c sshd.c] | |
61e96248 | 1105 | consistently use __progname; from stevesk@pobox.com |
6c935fbd | 1106 | |
367d1840 | 1107 | 20001211 |
1108 | - (bal) Applied patch to include ssh-keyscan into Redhat's package, and | |
1109 | patch to install ssh-keyscan manpage. Patch by Pekka Savola | |
1110 | <pekka@netcore.fi> | |
e3a70753 | 1111 | - (bal) OpenbSD CVS update |
1112 | - markus@cvs.openbsd.org 2000/12/10 17:01:53 | |
1113 | [sshconnect1.c] | |
1114 | always request new challenge for skey/tis-auth, fixes interop with | |
1115 | other implementations; report from roth@feep.net | |
367d1840 | 1116 | |
6b523bae | 1117 | 20001210 |
1118 | - (bal) OpenBSD CVS updates | |
61e96248 | 1119 | - markus@cvs.openbsd.org 2000/12/09 13:41:51 |
6b523bae | 1120 | [cipher.c cipher.h rijndael.c rijndael.h rijndael_boxes.h] |
1121 | undo rijndael changes | |
61e96248 | 1122 | - markus@cvs.openbsd.org 2000/12/09 13:48:31 |
6b523bae | 1123 | [rijndael.c] |
1124 | fix byte order bug w/o introducing new implementation | |
61e96248 | 1125 | - markus@cvs.openbsd.org 2000/12/09 14:08:27 |
6b523bae | 1126 | [sftp-server.c] |
1127 | "" -> "." for realpath; from vinschen@redhat.com | |
61e96248 | 1128 | - markus@cvs.openbsd.org 2000/12/09 14:06:54 |
6b523bae | 1129 | [ssh-agent.c] |
1130 | extern int optind; from stevesk@sweden.hp.com | |
13af0aa2 | 1131 | - provos@cvs.openbsd.org 2000/12/09 23:51:11 |
1132 | [compat.c] | |
1133 | remove unnecessary '\n' | |
6b523bae | 1134 | |
ce9c0b75 | 1135 | 20001209 |
6b523bae | 1136 | - (bal) OpenBSD CVS updates: |
61e96248 | 1137 | - djm@cvs.openbsd.org 2000/12/07 4:24:59 |
ce9c0b75 | 1138 | [ssh.1] |
1139 | Typo fix from Wilfredo Sanchez <wsanchez@apple.com>; ok theo | |
1140 | ||
f72fc97f | 1141 | 20001207 |
6b523bae | 1142 | - (bal) OpenBSD CVS updates: |
61e96248 | 1143 | - markus@cvs.openbsd.org 2000/12/06 22:58:14 |
f72fc97f | 1144 | [compat.c compat.h packet.c] |
1145 | disable debug messages for ssh.com/f-secure 2.0.1x, 2.1.0 | |
dfe89252 | 1146 | - markus@cvs.openbsd.org 2000/12/06 23:10:39 |
1147 | [rijndael.c] | |
1148 | unexpand(1) | |
61e96248 | 1149 | - markus@cvs.openbsd.org 2000/12/06 23:05:43 |
dfe89252 | 1150 | [cipher.c cipher.h rijndael.c rijndael.h rijndael_boxes.h] |
1151 | new rijndael implementation. fixes endian bugs | |
f72fc97f | 1152 | |
97fb6912 | 1153 | 20001206 |
6b523bae | 1154 | - (bal) OpenBSD CVS updates: |
97fb6912 | 1155 | - markus@cvs.openbsd.org 2000/12/05 20:34:09 |
1156 | [channels.c channels.h clientloop.c serverloop.c] | |
1157 | async connects for -R/-L; ok deraadt@ | |
1158 | - todd@cvs.openssh.org 2000/12/05 16:47:28 | |
1159 | [sshd.c] | |
1160 | tweak comment to reflect real location of pid file; ok provos@ | |
bf5f69f7 | 1161 | - (stevesk) Import <sys/queue.h> from OpenBSD for systems that don't |
1162 | have it (used in ssh-keyscan). | |
227e8e86 | 1163 | - (stevesk) OpenBSD CVS update: |
f20255cb | 1164 | - markus@cvs.openbsd.org 2000/12/06 19:57:48 |
1165 | [ssh-keyscan.c] | |
1166 | err(3) -> internal error(), from stevesk@sweden.hp.com | |
97fb6912 | 1167 | |
f6fdbddf | 1168 | 20001205 |
6b523bae | 1169 | - (bal) OpenBSD CVS updates: |
f6fdbddf | 1170 | - markus@cvs.openbsd.org 2000/12/04 19:24:02 |
1171 | [ssh-keyscan.c ssh-keyscan.1] | |
1172 | David Maziere's ssh-keyscan, ok niels@ | |
1173 | - (bal) Updated Makefile.in to include ssh-keyscan that was just added | |
1174 | to the recent OpenBSD source tree. | |
835d2104 | 1175 | - (stevesk) fix typos in contrib/hpux/README |
f6fdbddf | 1176 | |
cbc5abf9 | 1177 | 20001204 |
1178 | - (bal) More C functions defined in NeXT that are unaccessable without | |
61e96248 | 1179 | defining -POSIX. |
1180 | - (bal) OpenBSD CVS updates: | |
1181 | - markus@cvs.openbsd.org 2000/12/03 11:29:04 | |
cbc5abf9 | 1182 | [compat.c] |
1183 | remove fallback to SSH_BUG_HMAC now that the drafts are updated | |
1184 | - markus@cvs.openbsd.org 2000/12/03 11:27:55 | |
1185 | [compat.c] | |
61e96248 | 1186 | correctly match "2.1.0.pl2 SSH" etc; from |
97fb6912 | 1187 | pekkas@netcore.fi/bugzilla.redhat |
cbc5abf9 | 1188 | - markus@cvs.openbsd.org 2000/12/03 11:15:03 |
1189 | [auth2.c compat.c compat.h sshconnect2.c] | |
1190 | support f-secure/ssh.com 2.0.12; ok niels@ | |
1191 | ||
0b6fbf03 | 1192 | 20001203 |
cbc5abf9 | 1193 | - (bal) OpenBSD CVS updates: |
0b6fbf03 | 1194 | - markus@cvs.openbsd.org 2000/11/30 22:54:31 |
1195 | [channels.c] | |
61e96248 | 1196 | debug->warn if tried to do -R style fwd w/o client requesting this; |
0b6fbf03 | 1197 | ok neils@ |
1198 | - markus@cvs.openbsd.org 2000/11/29 20:39:17 | |
1199 | [cipher.c] | |
1200 | des_cbc_encrypt -> des_ncbc_encrypt since it already updates the IV | |
1201 | - markus@cvs.openbsd.org 2000/11/30 18:33:05 | |
1202 | [ssh-agent.c] | |
1203 | agents must not dump core, ok niels@ | |
61e96248 | 1204 | - markus@cvs.openbsd.org 2000/11/30 07:04:02 |
0b6fbf03 | 1205 | [ssh.1] |
1206 | T is for both protocols | |
1207 | - markus@cvs.openbsd.org 2000/12/01 00:00:51 | |
1208 | [ssh.1] | |
1209 | typo; from green@FreeBSD.org | |
1210 | - markus@cvs.openbsd.org 2000/11/30 07:02:35 | |
1211 | [ssh.c] | |
1212 | check -T before isatty() | |
1213 | - provos@cvs.openbsd.org 2000/11/29 13:51:27 | |
1214 | [sshconnect.c] | |
61e96248 | 1215 | show IP address and hostname when new key is encountered. okay markus@ |
0b6fbf03 | 1216 | - markus@cvs.openbsd.org 2000/11/30 22:53:35 |
1217 | [sshconnect.c] | |
1218 | disable agent/x11/port fwding if hostkey has changed; ok niels@ | |
1219 | - marksu@cvs.openbsd.org 2000/11/29 21:11:59 | |
1220 | [sshd.c] | |
1221 | sshd -D, startup w/o deamon(), for monitoring scripts or inittab; | |
1222 | from handler@sub-rosa.com and eric@urbanrange.com; ok niels@ | |
8c9fe09e | 1223 | - (djm) Added patch from Nalin Dahyabhai <nalin@redhat.com> to enable |
1224 | PAM authentication using KbdInteractive. | |
1225 | - (djm) Added another TODO | |
0b6fbf03 | 1226 | |
90f4078a | 1227 | 20001202 |
1228 | - (bal) Backed out of part of Alain St-Denis' loginrec.c patch. | |
61e96248 | 1229 | - (bal) Irix need some sort of mansubdir, patch by Michael Stone |
90f4078a | 1230 | <mstone@cs.loyola.edu> |
1231 | ||
dcef6523 | 1232 | 20001129 |
7062c40f | 1233 | - (djm) Back out all the serverloop.c hacks. sshd will now hang again |
1234 | if there are background children with open fds. | |
c193d002 | 1235 | - (djm) bsd-rresvport.c bzero -> memset |
61e96248 | 1236 | - (djm) Don't fail in defines.h on absence of 64 bit types (we will |
c193d002 | 1237 | still fail during compilation of sftp-server). |
1238 | - (djm) Fail if ar is not found during configure | |
c523303b | 1239 | - (djm) OpenBSD CVS updates: |
1240 | - provos@cvs.openbsd.org 2000/11/22 08:38:31 | |
1241 | [sshd.8] | |
1242 | talk about /etc/primes, okay markus@ | |
1243 | - markus@cvs.openbsd.org 2000/11/23 14:03:48 | |
1244 | [ssh.c sshconnect1.c sshconnect2.c] | |
1245 | complain about invalid ciphers for ssh1/ssh2, fall back to reasonable | |
1246 | defaults | |
1247 | - markus@cvs.openbsd.org 2000/11/25 09:42:53 | |
1248 | [sshconnect1.c] | |
1249 | reorder check for illegal ciphers, bugreport from espie@ | |
1250 | - markus@cvs.openbsd.org 2000/11/25 10:19:34 | |
1251 | [ssh-keygen.c ssh.h] | |
1252 | print keytype when generating a key. | |
1253 | reasonable defaults for RSA1/RSA/DSA keys. | |
b3ec54b4 | 1254 | - (djm) Patch from Pekka Savola <Pekka.Savola@netcore.fi> to include a few |
1255 | more manpage paths in fixpaths calls | |
1256 | - (djm) Also add xauth path at Pekka's suggestion. | |
57ce3f00 | 1257 | - (djm) Add Redhat RPM patch for AUTHPRIV SyslogFacility |
dcef6523 | 1258 | |
e879a080 | 1259 | 20001125 |
1260 | - (djm) Give up privs when reading seed file | |
1261 | ||
d343d900 | 1262 | 20001123 |
1263 | - (bal) Merge OpenBSD changes: | |
1264 | - markus@cvs.openbsd.org 2000/11/15 22:31:36 | |
1265 | [auth-options.c] | |
61e96248 | 1266 | case insensitive key options; from stevesk@sweeden.hp.com |
d343d900 | 1267 | - markus@cvs.openbsd.org 2000/11/16 17:55:43 |
1268 | [dh.c] | |
1269 | do not use perror() in sshd, after child is forked() | |
1270 | - markus@cvs.openbsd.org 2000/11/14 23:42:40 | |
1271 | [auth-rsa.c] | |
1272 | parse option only if key matches; fix some confusing seen by the client | |
1273 | - markus@cvs.openbsd.org 2000/11/14 23:44:19 | |
1274 | [session.c] | |
1275 | check no_agent_forward_flag for ssh-2, too | |
1276 | - markus@cvs.openbsd.org 2000/11/15 | |
1277 | [ssh-agent.1] | |
1278 | reorder SYNOPSIS; typo, use .It | |
1279 | - markus@cvs.openbsd.org 2000/11/14 23:48:55 | |
1280 | [ssh-agent.c] | |
1281 | do not reorder keys if a key is removed | |
1282 | - markus@cvs.openbsd.org 2000/11/15 19:58:08 | |
1283 | [ssh.c] | |
61e96248 | 1284 | just ignore non existing user keys |
d343d900 | 1285 | - millert@cvs.openbsd.org 200/11/15 20:24:43 |
1286 | [ssh-keygen.c] | |
1287 | Add missing \n at end of error message. | |
1288 | ||
0b49a754 | 1289 | 20001122 |
1290 | - (bal) Minor patch to ensure platforms lacking IRIX job limit supports | |
1291 | are compilable. | |
1292 | - (bal) Updated TODO as of 11/18/2000 with known things to resolve. | |
1293 | ||
fab2e5d3 | 1294 | 20001117 |
1295 | - (bal) Changed from 'primes' to 'primes.out' for consistancy sake. It | |
1296 | has no affect the output. Patch by Corinna Vinschen <vinschen@redhat.com> | |
61e96248 | 1297 | - (stevesk) Reworked progname support. |
260d427b | 1298 | - (bal) Misplaced #include "includes.h" in bsd-setproctitle.c. Patch by |
1299 | Shinichi Maruyama <marya@st.jip.co.jp> | |
fab2e5d3 | 1300 | |
c2207f11 | 1301 | 20001116 |
1302 | - (bal) Added in MAXSYMLINK test in bsd-realpath.c. Required for some SCO | |
1303 | releases. | |
1304 | - (bal) Make builds work outside of source tree. Patch by Mark D. Roth | |
1305 | <roth@feep.net> | |
1306 | ||
3d398e04 | 1307 | 20001113 |
61e96248 | 1308 | - (djm) Add pointer to http://www.imasy.or.jp/~gotoh/connect.c to |
3d398e04 | 1309 | contrib/README |
fa08c86b | 1310 | - (djm) Merge OpenBSD changes: |
1311 | - markus@cvs.openbsd.org 2000/11/06 16:04:56 | |
1312 | [channels.c channels.h clientloop.c nchan.c serverloop.c] | |
1313 | [session.c ssh.c] | |
1314 | agent forwarding and -R for ssh2, based on work from | |
1315 | jhuuskon@messi.uku.fi | |
1316 | - markus@cvs.openbsd.org 2000/11/06 16:13:27 | |
1317 | [ssh.c sshconnect.c sshd.c] | |
1318 | do not disabled rhosts(rsa) if server port > 1024; from | |
1319 | pekkas@netcore.fi | |
1320 | - markus@cvs.openbsd.org 2000/11/06 16:16:35 | |
1321 | [sshconnect.c] | |
1322 | downgrade client to 1.3 if server is 1.4; help from mdb@juniper.net | |
1323 | - markus@cvs.openbsd.org 2000/11/09 18:04:40 | |
1324 | [auth1.c] | |
1325 | typo; from mouring@pconline.com | |
1326 | - markus@cvs.openbsd.org 2000/11/12 12:03:28 | |
1327 | [ssh-agent.c] | |
1328 | off-by-one when removing a key from the agent | |
1329 | - markus@cvs.openbsd.org 2000/11/12 12:50:39 | |
1330 | [auth-rh-rsa.c auth2.c authfd.c authfd.h] | |
1331 | [authfile.c hostfile.c kex.c kex.h key.c key.h myproposal.h] | |
1332 | [readconf.c readconf.h rsa.c rsa.h servconf.c servconf.h ssh-add.c] | |
1333 | [ssh-agent.c ssh-keygen.1 ssh-keygen.c ssh.1 ssh.c ssh_config] | |
1334 | [sshconnect1.c sshconnect2.c sshd.8 sshd.c sshd_config ssh-dss.c] | |
61e96248 | 1335 | [ssh-dss.h ssh-rsa.c ssh-rsa.h dsa.c dsa.h] |
fa08c86b | 1336 | add support for RSA to SSH2. please test. |
1337 | there are now 3 types of keys: RSA1 is used by ssh-1 only, | |
1338 | RSA and DSA are used by SSH2. | |
1339 | you can use 'ssh-keygen -t rsa -f ssh2_rsa_file' to generate RSA | |
1340 | keys for SSH2 and use the RSA keys for hostkeys or for user keys. | |
1341 | SSH2 RSA or DSA keys are added to .ssh/authorised_keys2 as before. | |
1342 | - (djm) Fix up Makefile and Redhat init script to create RSA host keys | |
f001465f | 1343 | - (djm) Change to interim version |
5733a41a | 1344 | - (djm) Fix RPM spec file stupidity |
6fff1ac4 | 1345 | - (djm) fixpaths to DSA and RSA keys too |
3d398e04 | 1346 | |
d287c664 | 1347 | 20001112 |
1348 | - (bal) SCO Patch to add needed libraries for configure.in. Patch by | |
1349 | Phillips Porch <root@theporch.com> | |
3d398e04 | 1350 | - (bal) IRIX patch to adding Job Limits. Patch by Denis Parker |
1351 | <dcp@sgi.com> | |
a3bf38d0 | 1352 | - (stevesk) pty.c: HP-UX 10 and 11 don't define TIOCSCTTY. Add error() to |
1353 | failed ioctl(TIOCSCTTY) call. | |
d287c664 | 1354 | |
3c4d4fef | 1355 | 20001111 |
1356 | - (djm) Added /etc/primes for kex DH group neg, fixup Makefile.in and | |
1357 | packaging files | |
35325fd4 | 1358 | - (djm) Fix new Makefile.in warnings |
61e96248 | 1359 | - (djm) Fix vsprintf("%h") in bsd-snprintf.c, short int va_args are |
1360 | promoted to type int. Report and fix from Dan Astoorian | |
027bf205 | 1361 | <djast@cs.toronto.edu> |
61e96248 | 1362 | - (djm) Hardwire sysconfdir in RPM spec files as some RPM versions get |
e3291159 | 1363 | it wrong. Report from Bennett Todd <bet@rahul.net> |
3c4d4fef | 1364 | |
3e366738 | 1365 | 20001110 |
1366 | - (bal) Fixed dropped answer from skey_keyinfo() in auth1.c | |
1367 | - (bal) Changed from --with-skey to --with-skey=PATH in configure.in | |
1368 | - (bal) Added in check to verify S/Key library is being detected in | |
1369 | configure.in | |
61e96248 | 1370 | - (bal) next-posix.h - added another prototype wrapped in POSIX ifdef/endif. |
3e366738 | 1371 | Patch by Mark Miller <markm@swoon.net> |
1372 | - (bal) Added 'util.h' header to loginrec.c only if HAVE_UTIL_H is defined | |
61e96248 | 1373 | to remove warnings under MacOS X. Patch by Mark Miller <markm@swoon.net> |
3e366738 | 1374 | - (bal) Fixed LDFLAG mispelling in configure.in for --with-afs |
1375 | ||
373998a4 | 1376 | 20001107 |
e506ee73 | 1377 | - (bal) acconfig.in - removed the double "USE_PIPES" entry. Patch by |
1378 | Mark Miller <markm@swoon.net> | |
373998a4 | 1379 | - (bal) sshd.init files corrected to assign $? to RETVAL. Patch by |
1380 | Jarno Huuskonen <jhuuskon@messi.uku.fi> | |
e506ee73 | 1381 | - (bal) fixpaths fixed to stop it from quitely failing. Patch by |
1382 | Mark D. Roth <roth@feep.net> | |
373998a4 | 1383 | |
ac89998a | 1384 | 20001106 |
1385 | - (djm) Use Jim's new 1.0.3 askpass in Redhat RPMs | |
6c09e23c | 1386 | - (djm) Manually fix up missed diff hunks (mainly RCS idents) |
61e96248 | 1387 | - (djm) Remove UPGRADING document in favour of a link to the better |
d6846e6a | 1388 | maintained FAQ on www.openssh.com |
73bd30fe | 1389 | - (djm) Fix multiple dependancy on gnome-libs from Pekka Savola |
1390 | <pekkas@netcore.fi> | |
1391 | - (djm) Don't need X11-askpass in RPM spec file if building without it | |
1392 | from Pekka Savola <pekkas@netcore.fi> | |
c215ba3b | 1393 | - (djm) Release 2.3.0p1 |
97b378bf | 1394 | - (bal) typo in configure.in in regards to --with-ldflags from Marko |
1395 | Asplund <aspa@kronodoc.fi> | |
1396 | - (bal) fixed next-posix.h. Forgot prototype of getppid(). | |
68f189a9 | 1397 | |
b850ecd9 | 1398 | 20001105 |
1399 | - (bal) Sync with OpenBSD: | |
1400 | - markus@cvs.openbsd.org 2000/10/31 9:31:58 | |
1401 | [compat.c] | |
1402 | handle all old openssh versions | |
1403 | - markus@cvs.openbsd.org 2000/10/31 13:1853 | |
1404 | [deattack.c] | |
1405 | so that large packets do not wrap "n"; from netbsd | |
1406 | - (bal) rijndel.c - fix up RCSID to match OpenBSD tree | |
a30ce26d | 1407 | - (bal) auth2-skey.c - Checked in. Missing from portable tree. |
1408 | - (bal) Reworked NEWS-OS and NeXT ports to extract waitpid() and | |
1409 | setsid() into more common files | |
96054e6f | 1410 | - (stevesk) pty.c: use __hpux to identify HP-UX. |
d0127657 | 1411 | - (bal) Missed auth-skey.o in Makefile.in and minor correction to |
1412 | bsd-waitpid.c | |
b850ecd9 | 1413 | |
75b90ced | 1414 | 20001029 |
1415 | - (stevesk) Fix typo in auth.c: USE_PAM not PAM | |
95273555 | 1416 | - (stevesk) Create contrib/cygwin/ directory; patch from |
1417 | Corinna Vinschen <vinschen@redhat.com> | |
e9e4a1c7 | 1418 | - (bal) Resolved more $xno and $xyes issues in configure.in |
fd5f0295 | 1419 | - (bal) next-posix.h - spelling and forgot a prototype |
75b90ced | 1420 | |
344f2b94 | 1421 | 20001028 |
61e96248 | 1422 | - (djm) fix select hack in serverloop.c from Philippe WILLEM |
344f2b94 | 1423 | <Philippe.WILLEM@urssaf.fr> |
240ae474 | 1424 | - (djm) Fix mangled AIXAUTHENTICATE code |
61e96248 | 1425 | - (djm) authctxt->pw may be NULL. Fix from Markus Friedl |
606ea390 | 1426 | <markus.friedl@informatik.uni-erlangen.de> |
a22aff1f | 1427 | - (djm) Sync with OpenBSD: |
1428 | - markus@cvs.openbsd.org 2000/10/16 15:46:32 | |
1429 | [ssh.1] | |
1430 | fixes from pekkas@netcore.fi | |
1431 | - markus@cvs.openbsd.org 2000/10/17 14:28:11 | |
1432 | [atomicio.c] | |
1433 | return number of characters processed; ok deraadt@ | |
1434 | - markus@cvs.openbsd.org 2000/10/18 12:04:02 | |
1435 | [atomicio.c] | |
1436 | undo | |
1437 | - markus@cvs.openbsd.org 2000/10/18 12:23:02 | |
1438 | [scp.c] | |
1439 | replace atomicio(read,...) with read(); ok deraadt@ | |
1440 | - markus@cvs.openbsd.org 2000/10/18 12:42:00 | |
1441 | [session.c] | |
1442 | restore old record login behaviour | |
1443 | - deraadt@cvs.openbsd.org 2000/10/19 10:41:13 | |
1444 | [auth-skey.c] | |
1445 | fmt string problem in unused code | |
1446 | - provos@cvs.openbsd.org 2000/10/19 10:45:16 | |
1447 | [sshconnect2.c] | |
1448 | don't reference freed memory. okay deraadt@ | |
1449 | - markus@cvs.openbsd.org 2000/10/21 11:04:23 | |
1450 | [canohost.c] | |
1451 | typo, eramore@era-t.ericsson.se; ok niels@ | |
1452 | - markus@cvs.openbsd.org 2000/10/23 13:31:55 | |
1453 | [cipher.c] | |
1454 | non-alignment dependent swap_bytes(); from | |
1455 | simonb@wasabisystems.com/netbsd | |
1456 | - markus@cvs.openbsd.org 2000/10/26 12:38:28 | |
1457 | [compat.c] | |
1458 | add older vandyke products | |
1459 | - markus@cvs.openbsd.org 2000/10/27 01:32:19 | |
1460 | [channels.c channels.h clientloop.c serverloop.c session.c] | |
1461 | [ssh.c util.c] | |
61e96248 | 1462 | enable non-blocking IO on channels, and tty's (except for the |
a22aff1f | 1463 | client ttys). |
344f2b94 | 1464 | |
ddc49b5c | 1465 | 20001027 |
1466 | - (djm) Increase REKEY_BYTES to 2^24 for arc4random | |
1467 | ||
48e7916f | 1468 | 20001025 |
1469 | - (djm) Added WARNING.RNG file and modified configure to ask users of the | |
1470 | builtin entropy code to read it. | |
1471 | - (djm) Prefer builtin regex to PCRE. | |
00937921 | 1472 | - (bal) Added USE_PIPS defined to NeXT configure.in since scp hangs randomly. |
1473 | - (bal) Apply fixes to configure.in pointed out by Pavel Roskin | |
1474 | <proski@gnu.org> | |
48e7916f | 1475 | |
8dcda1e3 | 1476 | 20001020 |
1477 | - (djm) Don't define _REENTRANT for SNI/Reliant Unix | |
07bee9a7 | 1478 | - (bal) Imported NEWS-OS waitpid() macros into NeXT. Since implementation |
1479 | is more correct then current version. | |
8dcda1e3 | 1480 | |
f5af5cd5 | 1481 | 20001018 |
1482 | - (stevesk) Add initial support for setproctitle(). Current | |
1483 | support is for the HP-UX pstat(PSTAT_SETCMD, ...) method. | |
134fd7f6 | 1484 | - (stevesk) Add egd startup scripts to contrib/hpux/ |
f5af5cd5 | 1485 | |
2f31bdd6 | 1486 | 20001017 |
1487 | - (djm) Add -lregex to cywin libs from Corinna Vinschen | |
1488 | <vinschen@cygnus.com> | |
ba7a3f40 | 1489 | - (djm) Don't rely on atomicio's retval to determine length of askpass |
1490 | supplied passphrase. Problem report from Lutz Jaenicke | |
1491 | <Lutz.Jaenicke@aet.TU-Cottbus.DE> | |
66d6c27e | 1492 | - (bal) Changed from GNU rx to PCRE on suggestion from djm. |
61e96248 | 1493 | - (bal) Integrated Sony NEWS-OS patches from NAKAJI Hirouyuki |
66d6c27e | 1494 | <nakaji@tutrp.tut.ac.jp> |
2f31bdd6 | 1495 | |
33de75a3 | 1496 | 20001016 |
1497 | - (djm) Sync with OpenBSD: | |
1498 | - markus@cvs.openbsd.org 2000/10/14 04:01:15 | |
1499 | [cipher.c] | |
1500 | debug3 | |
1501 | - markus@cvs.openbsd.org 2000/10/14 04:07:23 | |
1502 | [scp.c] | |
1503 | remove spaces from arguments; from djm@mindrot.org | |
1504 | - markus@cvs.openbsd.org 2000/10/14 06:09:46 | |
1505 | [ssh.1] | |
1506 | Cipher is for SSH-1 only | |
1507 | - markus@cvs.openbsd.org 2000/10/14 06:12:09 | |
1508 | [servconf.c servconf.h serverloop.c session.c sshd.8] | |
1509 | AllowTcpForwarding; from naddy@ | |
1510 | - markus@cvs.openbsd.org 2000/10/14 06:16:56 | |
1511 | [auth2.c compat.c compat.h sshconnect2.c version.h] | |
61e96248 | 1512 | OpenSSH_2.3; note that is is not complete, but the version number |
33de75a3 | 1513 | needs to be changed for interoperability reasons |
1514 | - markus@cvs.openbsd.org 2000/10/14 06:19:45 | |
1515 | [auth-rsa.c] | |
1516 | do not send RSA challenge if key is not allowed by key-options; from | |
1517 | eivind@ThinkSec.com | |
1518 | - markus@cvs.openbsd.org 2000/10/15 08:14:01 | |
1519 | [rijndael.c session.c] | |
1520 | typos; from stevesk@sweden.hp.com | |
1521 | - markus@cvs.openbsd.org 2000/10/15 08:18:31 | |
1522 | [rijndael.c] | |
1523 | typo | |
61e96248 | 1524 | - (djm) Copy manpages back over from OpenBSD - too tedious to wade |
30d8b039 | 1525 | through diffs |
61e96248 | 1526 | - (djm) Added condrestart to Redhat init script. Patch from Pekka Savola |
30d8b039 | 1527 | <pekkas@netcore.fi> |
aa0289fe | 1528 | - (djm) Update version in Redhat spec file |
61e96248 | 1529 | - (djm) Merge some of Nalin Dahyabhai <nalin@redhat.com> changes from the |
aa0289fe | 1530 | Redhat 7.0 spec file |
5b2d4b75 | 1531 | - (djm) Make inability to read/write PRNG seedfile non-fatal |
1532 | ||
33de75a3 | 1533 | |
4d670c24 | 1534 | 20001015 |
1535 | - (djm) Fix ssh2 hang on background processes at logout. | |
1536 | ||
71dfaf1c | 1537 | 20001014 |
443172c4 | 1538 | - (bal) Add support for realpath and getcwd for platforms with broken |
1539 | or missing realpath implementations for sftp-server. | |
1540 | - (bal) Corrected mistake in INSTALL in regards to GNU rx library | |
61e96248 | 1541 | - (bal) Add support for GNU rx library for those lacking regexp support |
71dfaf1c | 1542 | - (djm) Don't accept PAM_PROMPT_ECHO_ON messages during initial auth |
02323c45 | 1543 | - (djm) Revert SSH2 serverloop hack, will find a better way. |
4ee81249 | 1544 | - (djm) Add workaround for Linux 2.4's gratuitious errno change. Patch |
1545 | from Martin Johansson <fatbob@acc.umu.se> | |
94ec8c6b | 1546 | - (djm) Big OpenBSD sync: |
1547 | - markus@cvs.openbsd.org 2000/09/30 10:27:44 | |
1548 | [log.c] | |
1549 | allow loglevel debug | |
1550 | - markus@cvs.openbsd.org 2000/10/03 11:59:57 | |
1551 | [packet.c] | |
1552 | hmac->mac | |
1553 | - markus@cvs.openbsd.org 2000/10/03 12:03:03 | |
1554 | [auth-krb4.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c auth1.c] | |
1555 | move fake-auth from auth1.c to individual auth methods, disables s/key in | |
1556 | debug-msg | |
1557 | - markus@cvs.openbsd.org 2000/10/03 12:16:48 | |
1558 | ssh.c | |
1559 | do not resolve canonname, i have no idea why this was added oin ossh | |
1560 | - markus@cvs.openbsd.org 2000/10/09 15:30:44 | |
1561 | ssh-keygen.1 ssh-keygen.c | |
1562 | -X now reads private ssh.com DSA keys, too. | |
1563 | - markus@cvs.openbsd.org 2000/10/09 15:32:34 | |
1564 | auth-options.c | |
1565 | clear options on every call. | |
1566 | - markus@cvs.openbsd.org 2000/10/09 15:51:00 | |
1567 | authfd.c authfd.h | |
1568 | interop with ssh-agent2, from <res@shore.net> | |
1569 | - markus@cvs.openbsd.org 2000/10/10 14:20:45 | |
1570 | compat.c | |
1571 | use rexexp for version string matching | |
1572 | - provos@cvs.openbsd.org 2000/10/10 22:02:18 | |
1573 | [kex.c kex.h myproposal.h ssh.h ssh2.h sshconnect2.c sshd.c dh.c dh.h] | |
1574 | First rough implementation of the diffie-hellman group exchange. The | |
1575 | client can ask the server for bigger groups to perform the diffie-hellman | |
1576 | in, thus increasing the attack complexity when using ciphers with longer | |
1577 | keys. University of Windsor provided network, T the company. | |
1578 | - markus@cvs.openbsd.org 2000/10/11 13:59:52 | |
1579 | [auth-rsa.c auth2.c] | |
1580 | clear auth options unless auth sucessfull | |
1581 | - markus@cvs.openbsd.org 2000/10/11 14:00:27 | |
1582 | [auth-options.h] | |
1583 | clear auth options unless auth sucessfull | |
1584 | - markus@cvs.openbsd.org 2000/10/11 14:03:27 | |
1585 | [scp.1 scp.c] | |
1586 | support 'scp -o' with help from mouring@pconline.com | |
1587 | - markus@cvs.openbsd.org 2000/10/11 14:11:35 | |
1588 | [dh.c] | |
1589 | Wall | |
1590 | - markus@cvs.openbsd.org 2000/10/11 14:14:40 | |
1591 | [auth.h auth2.c readconf.c readconf.h readpass.c servconf.c servconf.h] | |
1592 | [ssh.h sshconnect2.c sshd_config auth2-skey.c cli.c cli.h] | |
1593 | add support for s/key (kbd-interactive) to ssh2, based on work by | |
1594 | mkiernan@avantgo.com and me | |
1595 | - markus@cvs.openbsd.org 2000/10/11 14:27:24 | |
1596 | [auth.c auth1.c auth2.c authfile.c cipher.c cipher.h kex.c kex.h] | |
1597 | [myproposal.h packet.c readconf.c session.c ssh.c ssh.h sshconnect1.c] | |
1598 | [sshconnect2.c sshd.c] | |
1599 | new cipher framework | |
1600 | - markus@cvs.openbsd.org 2000/10/11 14:45:21 | |
1601 | [cipher.c] | |
1602 | remove DES | |
1603 | - markus@cvs.openbsd.org 2000/10/12 03:59:20 | |
1604 | [cipher.c cipher.h sshconnect1.c sshconnect2.c sshd.c] | |
1605 | enable DES in SSH-1 clients only | |
1606 | - markus@cvs.openbsd.org 2000/10/12 08:21:13 | |
1607 | [kex.h packet.c] | |
1608 | remove unused | |
1609 | - markus@cvs.openbsd.org 2000/10/13 12:34:46 | |
1610 | [sshd.c] | |
1611 | Kludge for F-Secure Macintosh < 1.0.2; appro@fy.chalmers.se | |
1612 | - markus@cvs.openbsd.org 2000/10/13 12:59:15 | |
1613 | [cipher.c cipher.h myproposal.h rijndael.c rijndael.h] | |
1614 | rijndael/aes support | |
1615 | - markus@cvs.openbsd.org 2000/10/13 13:10:54 | |
1616 | [sshd.8] | |
1617 | more info about -V | |
1618 | - markus@cvs.openbsd.org 2000/10/13 13:12:02 | |
1619 | [myproposal.h] | |
1620 | prefer no compression | |
3ed32516 | 1621 | - (djm) Fix scp user@host handling |
1622 | - (djm) Don't clobber ssh_prng_cmds on install | |
6bcf7caa | 1623 | - (stevesk) Include config.h in rijndael.c so we define intXX_t and |
1624 | u_intXX_t types on all platforms. | |
9ea53ba5 | 1625 | - (stevesk) rijndael.c: cleanup missing declaration warnings. |
2919e060 | 1626 | - (stevesk) ~/.hushlogin shouldn't cause required password change to |
1627 | be bypassed. | |
f5665f6f | 1628 | - (stevesk) Display correct path to ssh-askpass in configure output. |
1629 | Report from Lutz Jaenicke. | |
71dfaf1c | 1630 | |
ebd782f7 | 1631 | 20001007 |
1632 | - (stevesk) Print PAM return value in PAM log messages to aid | |
1633 | with debugging. | |
97994d32 | 1634 | - (stevesk) Fix detection of pw_class struct member in configure; |
1635 | patch from KAMAHARA Junzo <kamahara@cc.kshosen.ac.jp> | |
1636 | ||
47a134c1 | 1637 | 20001002 |
1638 | - (djm) Fix USER_PATH, report from Kevin Steves <stevesk@sweden.hp.com> | |
1639 | - (djm) Add host system and CC to end-of-configure report. Suggested by | |
1640 | Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE> | |
1641 | ||
7322ef0e | 1642 | 20000931 |
1643 | - (djm) Cygwin fixes from Corinna Vinschen <vinschen@cygnus.com> | |
1644 | ||
6ac7829a | 1645 | 20000930 |
b6490dcb | 1646 | - (djm) Irix ssh_prng_cmds path fix from Pekka Savola <pekkas@netcore.fi> |
61e96248 | 1647 | - (djm) Support in bsd-snprintf.c for long long conversions from |
772bd898 | 1648 | Ben Lindstrom <mouring@pconline.com> |
1649 | - (djm) Cleanup NeXT support from Ben Lindstrom <mouring@pconline.com> | |
857040fb | 1650 | - (djm) Ignore SIGPIPEs from serverloop to child. Fixes crashes with |
61e96248 | 1651 | very short lived X connections. Bug report from Tobias Oetiker |
857040fb | 1652 | <oetiker@ee.ethz.ch>. Fix from Markus Friedl <markus@cvs.openbsd.org> |
bd2d7f6a | 1653 | - (djm) Add recent InitScripts as a RPM dependancy for openssh-server |
1654 | patch from Pekka Savola <pekkas@netcore.fi> | |
58665035 | 1655 | - (djm) Forgot to cvs add LICENSE file |
dc2901a0 | 1656 | - (djm) Add LICENSE to RPM spec files |
de273eef | 1657 | - (djm) CVS OpenBSD sync: |
1658 | - markus@cvs.openbsd.org 2000/09/26 13:59:59 | |
1659 | [clientloop.c] | |
1660 | use debug2 | |
1661 | - markus@cvs.openbsd.org 2000/09/27 15:41:34 | |
1662 | [auth2.c sshconnect2.c] | |
1663 | use key_type() | |
1664 | - markus@cvs.openbsd.org 2000/09/28 12:03:18 | |
1665 | [channels.c] | |
1666 | debug -> debug2 cleanup | |
61e96248 | 1667 | - (djm) Irix strips "/dev/tty" from [uw]tmp entries (other systems only |
2a7d529a | 1668 | strip "/dev/"). Fix loginrec.c based on patch from Alain St-Denis |
1669 | <Alain.St-Denis@ec.gc.ca> | |
61e96248 | 1670 | - (djm) Fix 9 character passphrase failure with gnome-ssh-askpass. |
1671 | Problem was caused by interrupted read in ssh-add. Report from Donald | |
2a7d529a | 1672 | J. Barry <don@astro.cornell.edu> |
6ac7829a | 1673 | |
c5d85828 | 1674 | 20000929 |
1675 | - (djm) Fix SSH2 not terminating until all background tasks done problem. | |
61e96248 | 1676 | - (djm) Another off-by-one fix from Pavel Kankovsky |
1677 | <peak@argo.troja.mff.cuni.cz> | |
22d89d24 | 1678 | - (djm) Clean up. Strip some unnecessary differences with OpenBSD's code, |
1679 | tidy necessary differences. Use Markus' new debugN() in entropy.c | |
61e96248 | 1680 | - (djm) Merged big SCO portability patch from Tim Rice |
77bb0bca | 1681 | <tim@multitalents.net> |
c5d85828 | 1682 | |
6fd7f731 | 1683 | 20000926 |
1684 | - (djm) Update X11-askpass to 1.0.2 in RPM spec file | |
c5ae7384 | 1685 | - (djm) Define _REENTRANT to pickup strtok_r() on HP/UX |
61e96248 | 1686 | - (djm) Security: fix off-by-one buffer overrun in fake-getnameinfo.c. |
1687 | Report and fix from Pavel Kankovsky <peak@argo.troja.mff.cuni.cz> | |
6fd7f731 | 1688 | |
2f125ca1 | 1689 | 20000924 |
1690 | - (djm) Merged cleanup patch from Mark Miller <markm@swoon.net> | |
1691 | - (djm) A bit more cleanup - created cygwin_util.h | |
bcdaaeab | 1692 | - (djm) Include strtok_r() from OpenBSD libc. Fixes report from Mark Miller |
1693 | <markm@swoon.net> | |
2f125ca1 | 1694 | |
764d4113 | 1695 | 20000923 |
61e96248 | 1696 | - (djm) Fix address logging in utmp from Kevin Steves |
764d4113 | 1697 | <stevesk@sweden.hp.com> |
777319db | 1698 | - (djm) Redhat spec and manpage fixes from Pekka Savola <pekkas@netcore.fi> |
bd590612 | 1699 | - (djm) Seperate tests for int64_t and u_int64_t types |
61e96248 | 1700 | - (djm) Tweak password expiry checking at suggestion of Kevin Steves |
37c1c46d | 1701 | <stevesk@sweden.hp.com> |
e79b44e1 | 1702 | - (djm) NeXT patch from Ben Lindstrom <mouring@pconline.com> |
61e96248 | 1703 | - (djm) Use printf %lld instead of %qd in sftp-server.c. Fix from |
e2144f11 | 1704 | Michael Stone <mstone@cs.loyola.edu> |
188adeb2 | 1705 | - (djm) OpenBSD CVS sync: |
1706 | - markus@cvs.openbsd.org 2000/09/17 09:38:59 | |
1707 | [sshconnect2.c sshd.c] | |
1708 | fix DEBUG_KEXDH | |
1709 | - markus@cvs.openbsd.org 2000/09/17 09:52:51 | |
1710 | [sshconnect.c] | |
1711 | yes no; ok niels@ | |
1712 | - markus@cvs.openbsd.org 2000/09/21 04:55:11 | |
1713 | [sshd.8] | |
1714 | typo | |
1715 | - markus@cvs.openbsd.org 2000/09/21 05:03:54 | |
1716 | [serverloop.c] | |
1717 | typo | |
1718 | - markus@cvs.openbsd.org 2000/09/21 05:11:42 | |
1719 | scp.c | |
1720 | utime() to utimes(); mouring@pconline.com | |
1721 | - markus@cvs.openbsd.org 2000/09/21 05:25:08 | |
1722 | sshconnect2.c | |
1723 | change login logic in ssh2, allows plugin of other auth methods | |
1724 | - markus@cvs.openbsd.org 2000/09/21 05:25:35 | |
1725 | [auth2.c channels.c channels.h clientloop.c dispatch.c dispatch.h] | |
1726 | [serverloop.c] | |
1727 | add context to dispatch_run | |
1728 | - markus@cvs.openbsd.org 2000/09/21 05:07:52 | |
1729 | authfd.c authfd.h ssh-agent.c | |
1730 | bug compat for old ssh.com software | |
764d4113 | 1731 | |
7f377177 | 1732 | 20000920 |
1733 | - (djm) Fix bad path substitution. Report from Andrew Miner | |
1734 | <asminer@cs.iastate.edu> | |
1735 | ||
bcbf86ec | 1736 | 20000916 |
61e96248 | 1737 | - (djm) Fix SSL search order from Lutz Jaenicke |
7950bf97 | 1738 | <Lutz.Jaenicke@aet.TU-Cottbus.DE> |
19ece6d2 | 1739 | - (djm) New SuSE spec from Corinna Vinschen <corinna@vinschen.de> |
9cd45ea4 | 1740 | - (djm) Update CygWin support from Corinna Vinschen <vinschen@cygnus.com> |
995edaac | 1741 | - (djm) Use a real struct sockaddr inside the fake struct sockaddr_storage. |
1742 | Patch from Larry Jones <larry.jones@sdrc.com> | |
61e96248 | 1743 | - (djm) Add Steve VanDevender's <stevev@darkwing.uoregon.edu> PAM |
ad55cd03 | 1744 | password change patch. |
1745 | - (djm) Bring licenses on my stuff in line with OpenBSD's | |
0bbfbdeb | 1746 | - (djm) Cleanup auth-passwd.c and unify HP/UX authentication. Patch from |
1747 | Kevin Steves <stevesk@sweden.hp.com> | |
7f8f5e00 | 1748 | - (djm) Shadow expiry check fix from Pavel Troller <patrol@omni.sinus.cz> |
1749 | - (djm) Re-enable int64_t types - we need them for sftp | |
1750 | - (djm) Use libexecdir from configure , rather than libexecdir/ssh | |
1751 | - (djm) Update Redhat SPEC file accordingly | |
1752 | - (djm) Add Kevin Steves <stevesk@sweden.hp.com> HP/UX contrib files | |
1753 | - (djm) Add Charles Levert <charles@comm.polymtl.ca> getpgrp patch | |
61e96248 | 1754 | - (djm) Fix password auth on HP/UX 10.20. Patch from Dirk De Wachter |
7f8f5e00 | 1755 | <Dirk.DeWachter@rug.ac.be> |
61e96248 | 1756 | - (djm) Fixprogs and entropy list fixes from Larry Jones |
7f8f5e00 | 1757 | <larry.jones@sdrc.com> |
1758 | - (djm) Fix for SuSE spec file from Takashi YOSHIDA | |
1759 | <tyoshida@gemini.rc.kyushu-u.ac.jp> | |
bcbf86ec | 1760 | - (djm) Merge OpenBSD changes: |
1761 | - markus@cvs.openbsd.org 2000/09/05 02:59:57 | |
1762 | [session.c] | |
1763 | print hostname (not hushlogin) | |
1764 | - markus@cvs.openbsd.org 2000/09/05 13:18:48 | |
1765 | [authfile.c ssh-add.c] | |
1766 | enable ssh-add -d for DSA keys | |
1767 | - markus@cvs.openbsd.org 2000/09/05 13:20:49 | |
1768 | [sftp-server.c] | |
1769 | cleanup | |
1770 | - markus@cvs.openbsd.org 2000/09/06 03:46:41 | |
1771 | [authfile.h] | |
1772 | prototype | |
1773 | - deraadt@cvs.openbsd.org 2000/09/07 14:27:56 | |
1774 | [ALL] | |
61e96248 | 1775 | cleanup copyright notices on all files. I have attempted to be |
1776 | accurate with the details. everything is now under Tatu's licence | |
1777 | (which I copied from his readme), and/or the core-sdi bsd-ish thing | |
1778 | for deattack, or various openbsd developers under a 2-term bsd | |
bcbf86ec | 1779 | licence. We're not changing any rules, just being accurate. |
1780 | - markus@cvs.openbsd.org 2000/09/07 14:40:30 | |
1781 | [channels.c channels.h clientloop.c serverloop.c ssh.c] | |
1782 | cleanup window and packet sizes for ssh2 flow control; ok niels | |
1783 | - markus@cvs.openbsd.org 2000/09/07 14:53:00 | |
1784 | [scp.c] | |
1785 | typo | |
1786 | - markus@cvs.openbsd.org 2000/09/07 15:13:37 | |
1787 | [auth-options.c auth-options.h auth-rh-rsa.c auth-rsa.c auth.c] | |
1788 | [authfile.h canohost.c channels.h compat.c hostfile.h log.c match.h] | |
1789 | [pty.c readconf.c] | |
1790 | some more Copyright fixes | |
1791 | - markus@cvs.openbsd.org 2000/09/08 03:02:51 | |
1792 | [README.openssh2] | |
1793 | bye bye | |
1794 | - deraadt@cvs.openbsd.org 2000/09/11 18:38:33 | |
1795 | [LICENCE cipher.c] | |
1796 | a few more comments about it being ARC4 not RC4 | |
1797 | - markus@cvs.openbsd.org 2000/09/12 14:53:11 | |
1798 | [log-client.c log-server.c log.c ssh.1 ssh.c ssh.h sshd.8 sshd.c] | |
1799 | multiple debug levels | |
1800 | - markus@cvs.openbsd.org 2000/09/14 14:25:15 | |
1801 | [clientloop.c] | |
1802 | typo | |
1803 | - deraadt@cvs.openbsd.org 2000/09/15 01:13:51 | |
1804 | [ssh-agent.c] | |
1805 | check return value for setenv(3) for failure, and deal appropriately | |
1806 | ||
deb8d717 | 1807 | 20000913 |
1808 | - (djm) Fix server not exiting with jobs in background. | |
1809 | ||
b5e300c2 | 1810 | 20000905 |
1811 | - (djm) Import OpenBSD CVS changes | |
1812 | - markus@cvs.openbsd.org 2000/08/31 15:52:24 | |
1813 | [Makefile sshd.8 sshd_config sftp-server.8 sftp-server.c] | |
1814 | implement a SFTP server. interops with sftp2, scp2 and the windows | |
1815 | client from ssh.com | |
1816 | - markus@cvs.openbsd.org 2000/08/31 15:56:03 | |
1817 | [README.openssh2] | |
1818 | sync | |
1819 | - markus@cvs.openbsd.org 2000/08/31 16:05:42 | |
1820 | [session.c] | |
1821 | Wall | |
1822 | - markus@cvs.openbsd.org 2000/08/31 16:09:34 | |
1823 | [authfd.c ssh-agent.c] | |
1824 | add a flag to SSH2_AGENTC_SIGN_REQUEST for future extensions | |
1825 | - deraadt@cvs.openbsd.org 2000/09/01 09:25:13 | |
1826 | [scp.1 scp.c] | |
1827 | cleanup and fix -S support; stevesk@sweden.hp.com | |
1828 | - markus@cvs.openbsd.org 2000/09/01 16:29:32 | |
1829 | [sftp-server.c] | |
1830 | portability fixes | |
1831 | - markus@cvs.openbsd.org 2000/09/01 16:32:41 | |
1832 | [sftp-server.c] | |
1833 | fix cast; mouring@pconline.com | |
1834 | - itojun@cvs.openbsd.org 2000/09/03 09:23:28 | |
1835 | [ssh-add.1 ssh.1] | |
1836 | add missing .El against .Bl. | |
1837 | - markus@cvs.openbsd.org 2000/09/04 13:03:41 | |
1838 | [session.c] | |
1839 | missing close; ok theo | |
1840 | - markus@cvs.openbsd.org 2000/09/04 13:07:21 | |
1841 | [session.c] | |
1842 | fix get_last_login_time order; from andre@van-veen.de | |
1843 | - markus@cvs.openbsd.org 2000/09/04 13:10:09 | |
1844 | [sftp-server.c] | |
1845 | more cast fixes; from mouring@pconline.com | |
1846 | - markus@cvs.openbsd.org 2000/09/04 13:06:04 | |
1847 | [session.c] | |
1848 | set SSH_ORIGINAL_COMMAND; from Leakin@dfw.nostrum.com, bet@rahul.net | |
1849 | - (djm) Cleanup after import. Fix sftp-server compilation, Makefile | |
3c62e7eb | 1850 | - (djm) Merge cygwin support from Corinna Vinschen <vinschen@cygnus.com> |
1851 | ||
1e61f54a | 1852 | 20000903 |
1853 | - (djm) Fix Redhat init script | |
1854 | ||
c80876b4 | 1855 | 20000901 |
1856 | - (djm) Pick up Jim's new X11-askpass | |
1857 | - (djm) Release 2.2.0p1 | |
1858 | ||
8b4a0d08 | 1859 | 20000831 |
bcbf86ec | 1860 | - (djm) Workaround SIGPIPE problems on SCO. Fix from Aran Cox |
8b4a0d08 | 1861 | <acox@cv.telegroup.com> |
b817711d | 1862 | - (djm) Pick up new version (2.2.0) from OpenBSD CVS |
8b4a0d08 | 1863 | |
0b65b628 | 1864 | 20000830 |
1865 | - (djm) Compile warning fixes from Mark Miller <markm@swoon.net> | |
10fa00c8 | 1866 | - (djm) Periodically rekey arc4random |
1867 | - (djm) Clean up diff against OpenBSD. | |
bcbf86ec | 1868 | - (djm) HPUX 11 needs USE_PIPES as well: Kevin Steves |
2b10f47a | 1869 | <stevesk@sweden.hp.com> |
b33a2e6e | 1870 | - (djm) Quieten the pam delete credentials error message |
44839801 | 1871 | - (djm) Fix printing of $DISPLAY hack if set by system type. Report from |
1872 | Kevin Steves <stevesk@sweden.hp.com> | |
84a770d1 | 1873 | - (djm) NeXT patch from Ben Lindstrom <mouring@pconline.com> |
7efa2776 | 1874 | - (djm) Fix doh in bsd-arc4random.c |
0b65b628 | 1875 | |
9aaf9be4 | 1876 | 20000829 |
bcbf86ec | 1877 | - (djm) Fix ^C ignored issue on Solaris. Diagnosis from Gert |
1878 | Doering <gert@greenie.muc.de>, John Horne <J.Horne@plymouth.ac.uk> and | |
9aaf9be4 | 1879 | Garrick James <garrick@james.net> |
b5f90139 | 1880 | - (djm) Check for SCO pty naming style (ptyp%d/ttyp%d). Based on fix from |
1881 | Bastian Trompetter <btrompetter@firemail.de> | |
698d107e | 1882 | - (djm) NeXT tweaks from Ben Lindstrom <mouring@pconline.com> |
14a9a859 | 1883 | - More OpenBSD updates: |
1884 | - deraadt@cvs.openbsd.org 2000/08/24 15:46:59 | |
1885 | [scp.c] | |
1886 | off_t in sink, to fix files > 2GB, i think, test is still running ;-) | |
1887 | - deraadt@cvs.openbsd.org 2000/08/25 10:10:06 | |
1888 | [session.c] | |
1889 | Wall | |
1890 | - markus@cvs.openbsd.org 2000/08/26 04:33:43 | |
1891 | [compat.c] | |
1892 | ssh.com-2.3.0 | |
1893 | - markus@cvs.openbsd.org 2000/08/27 12:18:05 | |
1894 | [compat.c] | |
1895 | compatibility with future ssh.com versions | |
1896 | - deraadt@cvs.openbsd.org 2000/08/27 21:50:55 | |
1897 | [auth-krb4.c session.c ssh-add.c sshconnect.c uidswap.c] | |
1898 | print uid/gid as unsigned | |
1899 | - markus@cvs.openbsd.org 2000/08/28 13:51:00 | |
1900 | [ssh.c] | |
1901 | enable -n and -f for ssh2 | |
1902 | - markus@cvs.openbsd.org 2000/08/28 14:19:53 | |
1903 | [ssh.c] | |
1904 | allow combination of -N and -f | |
1905 | - markus@cvs.openbsd.org 2000/08/28 14:20:56 | |
1906 | [util.c] | |
1907 | util.c | |
1908 | - markus@cvs.openbsd.org 2000/08/28 14:22:02 | |
1909 | [util.c] | |
1910 | undo | |
1911 | - markus@cvs.openbsd.org 2000/08/28 14:23:38 | |
1912 | [util.c] | |
1913 | don't complain if setting NONBLOCK fails with ENODEV | |
9aaf9be4 | 1914 | |
137d7b6c | 1915 | 20000823 |
1916 | - (djm) Define USE_PIPES to avoid socketpair problems on HPUX 10 and SunOS 4 | |
bcbf86ec | 1917 | Avoids "scp never exits" problem. Reports from Lutz Jaenicke |
1918 | <Lutz.Jaenicke@aet.TU-Cottbus.DE> and Tamito KAJIYAMA | |
137d7b6c | 1919 | <kajiyama@grad.sccs.chukyo-u.ac.jp> |
2e73a022 | 1920 | - (djm) Pick up LOGIN_PROGRAM from environment or PATH if not set by headers |
da40ab4d | 1921 | - (djm) Add local version to version.h |
ea788c22 | 1922 | - (djm) Don't reseed arc4random everytime it is used |
2e73a022 | 1923 | - (djm) OpenBSD CVS updates: |
1924 | - deraadt@cvs.openbsd.org 2000/08/18 20:07:23 | |
1925 | [ssh.c] | |
1926 | accept remsh as a valid name as well; roman@buildpoint.com | |
1927 | - deraadt@cvs.openbsd.org 2000/08/18 20:17:13 | |
1928 | [deattack.c crc32.c packet.c] | |
1929 | rename crc32() to ssh_crc32() to avoid zlib name clash. do not move to | |
1930 | libz crc32 function yet, because it has ugly "long"'s in it; | |
1931 | oneill@cs.sfu.ca | |
1932 | - deraadt@cvs.openbsd.org 2000/08/18 20:26:08 | |
1933 | [scp.1 scp.c] | |
1934 | -S prog support; tv@debian.org | |
1935 | - deraadt@cvs.openbsd.org 2000/08/18 20:50:07 | |
1936 | [scp.c] | |
1937 | knf | |
1938 | - deraadt@cvs.openbsd.org 2000/08/18 20:57:33 | |
1939 | [log-client.c] | |
1940 | shorten | |
1941 | - markus@cvs.openbsd.org 2000/08/19 12:48:11 | |
1942 | [channels.c channels.h clientloop.c ssh.c ssh.h] | |
1943 | support for ~. in ssh2 | |
1944 | - deraadt@cvs.openbsd.org 2000/08/19 15:29:40 | |
1945 | [crc32.h] | |
1946 | proper prototype | |
1947 | - markus@cvs.openbsd.org 2000/08/19 15:34:44 | |
bcbf86ec | 1948 | [authfd.c authfd.h key.c key.h ssh-add.1 ssh-add.c ssh-agent.1] |
1949 | [ssh-agent.c ssh-keygen.c sshconnect1.c sshconnect2.c Makefile] | |
2e73a022 | 1950 | [fingerprint.c fingerprint.h] |
1951 | add SSH2/DSA support to the agent and some other DSA related cleanups. | |
1952 | (note that we cannot talk to ssh.com's ssh2 agents) | |
1953 | - markus@cvs.openbsd.org 2000/08/19 15:55:52 | |
1954 | [channels.c channels.h clientloop.c] | |
1955 | more ~ support for ssh2 | |
1956 | - markus@cvs.openbsd.org 2000/08/19 16:21:19 | |
1957 | [clientloop.c] | |
1958 | oops | |
1959 | - millert@cvs.openbsd.org 2000/08/20 12:25:53 | |
1960 | [session.c] | |
1961 | We have to stash the result of get_remote_name_or_ip() before we | |
1962 | close our socket or getpeername() will get EBADF and the process | |
1963 | will exit. Only a problem for "UseLogin yes". | |
1964 | - millert@cvs.openbsd.org 2000/08/20 12:30:59 | |
1965 | [session.c] | |
1966 | Only check /etc/nologin if "UseLogin no" since login(1) may have its | |
1967 | own policy on determining who is allowed to login when /etc/nologin | |
1968 | is present. Also use the _PATH_NOLOGIN define. | |
1969 | - millert@cvs.openbsd.org 2000/08/20 12:42:43 | |
1970 | [auth1.c auth2.c session.c ssh.c] | |
1971 | Add calls to setusercontext() and login_get*(). We basically call | |
1972 | setusercontext() in most places where previously we did a setlogin(). | |
1973 | Add default login.conf file and put root in the "daemon" login class. | |
1974 | - millert@cvs.openbsd.org 2000/08/21 10:23:31 | |
1975 | [session.c] | |
1976 | Fix incorrect PATH setting; noted by Markus. | |
137d7b6c | 1977 | |
c345cf9d | 1978 | 20000818 |
1979 | - (djm) OpenBSD CVS changes: | |
1980 | - markus@cvs.openbsd.org 2000/07/22 03:14:37 | |
1981 | [servconf.c servconf.h sshd.8 sshd.c sshd_config] | |
1982 | random early drop; ok theo, niels | |
1983 | - deraadt@cvs.openbsd.org 2000/07/26 11:46:51 | |
1984 | [ssh.1] | |
1985 | typo | |
1986 | - deraadt@cvs.openbsd.org 2000/08/01 11:46:11 | |
1987 | [sshd.8] | |
1988 | many fixes from pepper@mail.reppep.com | |
1989 | - provos@cvs.openbsd.org 2000/08/01 13:01:42 | |
1990 | [Makefile.in util.c aux.c] | |
1991 | rename aux.c to util.c to help with cygwin port | |
1992 | - deraadt@cvs.openbsd.org 2000/08/02 00:23:31 | |
1993 | [authfd.c] | |
1994 | correct sun_len; Alexander@Leidinger.net | |
1995 | - provos@cvs.openbsd.org 2000/08/02 10:27:17 | |
1996 | [readconf.c sshd.8] | |
1997 | disable kerberos authentication by default | |
1998 | - provos@cvs.openbsd.org 2000/08/02 11:27:05 | |
1999 | [sshd.8 readconf.c auth-krb4.c] | |
2000 | disallow kerberos authentication if we can't verify the TGT; from | |
2001 | dugsong@ | |
2002 | kerberos authentication is on by default only if you have a srvtab. | |
2003 | - markus@cvs.openbsd.org 2000/08/04 14:30:07 | |
2004 | [auth.c] | |
2005 | unused | |
2006 | - markus@cvs.openbsd.org 2000/08/04 14:30:35 | |
2007 | [sshd_config] | |
2008 | MaxStartups | |
2009 | - markus@cvs.openbsd.org 2000/08/15 13:20:46 | |
2010 | [authfd.c] | |
2011 | cleanup; ok niels@ | |
2012 | - markus@cvs.openbsd.org 2000/08/17 14:05:10 | |
2013 | [session.c] | |
2014 | cleanup login(1)-like jobs, no duplicate utmp entries | |
2015 | - markus@cvs.openbsd.org 2000/08/17 14:06:34 | |
2016 | [session.c sshd.8 sshd.c] | |
2017 | sshd -u len, similar to telnetd | |
1a022229 | 2018 | - (djm) Lastlog was not getting closed after writing login entry |
39987cc0 | 2019 | - (djm) Add Solaris package support from Rip Loomis <loomisg@cist.saic.com> |
c345cf9d | 2020 | |
416ed5a7 | 2021 | 20000816 |
2022 | - (djm) Replacement for inet_ntoa for Irix (which breaks on gcc) | |
bcbf86ec | 2023 | - (djm) Fix strerror replacement for old SunOS. Based on patch from |
416ed5a7 | 2024 | Charles Levert <charles@comm.polymtl.ca> |
bcbf86ec | 2025 | - (djm) Seperate arc4random into seperate file and use OpenSSL's RC4 |
416ed5a7 | 2026 | implementation. |
ba606eb2 | 2027 | - (djm) SUN_LEN macro for systems which lack it |
416ed5a7 | 2028 | |
dbaa2e87 | 2029 | 20000815 |
2030 | - (djm) More SunOS 4.1.x fixes from Nate Itkin <nitkin@europa.com> | |
cd352c82 | 2031 | - (djm) Avoid failures on Irix when ssh is not setuid. Fix from |
2032 | Michael Stone <mstone@cs.loyola.edu> | |
d93a7e5a | 2033 | - (djm) Don't seek in directory based lastlogs |
bcbf86ec | 2034 | - (djm) Fix --with-ipaddr-display configure option test. Patch from |
d93a7e5a | 2035 | Jarno Huuskonen <jhuuskon@messi.uku.fi> |
2a2cb9e7 | 2036 | - (djm) Fix AIX limits from Alexandre Oliva <oliva@lsd.ic.unicamp.br> |
dbaa2e87 | 2037 | |
6c33bf70 | 2038 | 20000813 |
2039 | - (djm) Add $(srcdir) to includes when compiling (for VPATH). Report from | |
2040 | Fabrice bacchella <fabrice.bacchella@marchfirst.fr> | |
2041 | ||
3fcce26c | 2042 | 20000809 |
bcbf86ec | 2043 | - (djm) Define AIX hard limits if headers don't. Report from |
3fcce26c | 2044 | Bill Painter <william.t.painter@lmco.com> |
bcbf86ec | 2045 | - (djm) utmp direct write & SunOS 4 patch from Charles Levert |
32eec038 | 2046 | <charles@comm.polymtl.ca> |
3fcce26c | 2047 | |
71d43804 | 2048 | 20000808 |
2049 | - (djm) Cleanup Redhat RPMs. Generate keys at runtime rather than install | |
2050 | time, spec file cleanup. | |
2051 | ||
f9bcea07 | 2052 | 20000807 |
378f2232 | 2053 | - (djm) Set 0755 on binaries during install. Report from Lutz Jaenicke |
47670e77 | 2054 | - (djm) Suppress error messages on channel close shutdown() failurs |
2055 | works around Linux bug. Patch from Zack Weinberg <zack@wolery.cumb.org> | |
378f2232 | 2056 | - (djm) Add some more entropy collection commands from Lutz Jaenicke |
f9bcea07 | 2057 | |
bcf89935 | 2058 | 20000725 |
2059 | - (djm) Fix autoconf typo: HAVE_BINRESVPORT_AF -> HAVE_BINDRESVPORT_AF | |
2060 | ||
4c8722d9 | 2061 | 20000721 |
2062 | - (djm) OpenBSD CVS updates: | |
2063 | - markus@cvs.openbsd.org 2000/07/16 02:27:22 | |
2064 | [authfd.c authfd.h channels.c clientloop.c ssh-add.c ssh-agent.c ssh.c] | |
2065 | [sshconnect1.c sshconnect2.c] | |
2066 | make ssh-add accept dsa keys (the agent does not) | |
2067 | - djm@cvs.openbsd.org 2000/07/17 19:25:02 | |
2068 | [sshd.c] | |
2069 | Another closing of stdin; ok deraadt | |
2070 | - markus@cvs.openbsd.org 2000/07/19 18:33:12 | |
2071 | [dsa.c] | |
2072 | missing free, reorder | |
2073 | - markus@cvs.openbsd.org 2000/07/20 16:23:14 | |
2074 | [ssh-keygen.1] | |
2075 | document input and output files | |
2076 | ||
240777b8 | 2077 | 20000720 |
4c8722d9 | 2078 | - (djm) Spec file fix from Petr Novotny <Petr.Novotny@antek.cz> |
240777b8 | 2079 | |
3c7def32 | 2080 | 20000716 |
4c8722d9 | 2081 | - (djm) Release 2.1.1p4 |
3c7def32 | 2082 | |
819b676f | 2083 | 20000715 |
704b1659 | 2084 | - (djm) OpenBSD CVS updates |
2085 | - provos@cvs.openbsd.org 2000/07/13 16:53:22 | |
2086 | [aux.c readconf.c servconf.c ssh.h] | |
2087 | allow multiple whitespace but only one '=' between tokens, bug report from | |
2088 | Ralf S. Engelschall <rse@engelschall.com> but different fix. okay deraadt@ | |
2089 | - provos@cvs.openbsd.org 2000/07/13 17:14:09 | |
2090 | [clientloop.c] | |
2091 | typo; todd@fries.net | |
2092 | - provos@cvs.openbsd.org 2000/07/13 17:19:31 | |
2093 | [scp.c] | |
2094 | close can fail on AFS, report error; from Greg Hudson <ghudson@mit.edu> | |
2095 | - markus@cvs.openbsd.org 2000/07/14 16:59:46 | |
2096 | [readconf.c servconf.c] | |
2097 | allow leading whitespace. ok niels | |
2098 | - djm@cvs.openbsd.org 2000/07/14 22:01:38 | |
2099 | [ssh-keygen.c ssh.c] | |
2100 | Always create ~/.ssh with mode 700; ok Markus | |
819b676f | 2101 | - Fixes for SunOS 4.1.4 from Gordon Atwood <gordon@cs.ualberta.ca> |
2102 | - Include floatingpoint.h for entropy.c | |
2103 | - strerror replacement | |
704b1659 | 2104 | |
3f7a7e4a | 2105 | 20000712 |
c37fb3c1 | 2106 | - (djm) Remove -lresolve for Reliant Unix |
3f7a7e4a | 2107 | - (djm) OpenBSD CVS Updates: |
2108 | - deraadt@cvs.openbsd.org 2000/07/11 02:11:34 | |
2109 | [session.c sshd.c ] | |
2110 | make MaxStartups code still work with -d; djm | |
2111 | - deraadt@cvs.openbsd.org 2000/07/11 13:17:45 | |
2112 | [readconf.c ssh_config] | |
2113 | disable FallBackToRsh by default | |
c37fb3c1 | 2114 | - (djm) Replace in_addr_t with u_int32_t in bsd-inet_aton.c. Report from |
2115 | Ben Lindstrom <mouring@pconline.com> | |
1e970014 | 2116 | - (djm) Make building of X11-Askpass and GNOME-Askpass optional in RPM |
2117 | spec file. | |
dcb36e5d | 2118 | - (djm) Released 2.1.1p3 |
3f7a7e4a | 2119 | |
56118702 | 2120 | 20000711 |
2121 | - (djm) Fixup for AIX getuserattr() support from Tom Bertelson | |
2122 | <tbert@abac.com> | |
132dd316 | 2123 | - (djm) ReliantUNIX support from Udo Schweigert <ust@cert.siemens.de> |
bcbf86ec | 2124 | - (djm) NeXT: dirent structures to get scp working from Ben Lindstrom |
c99e5056 | 2125 | <mouring@pconline.com> |
bcbf86ec | 2126 | - (djm) Fix broken inet_ntoa check and ut_user/ut_name confusion, report |
dc2a6d09 | 2127 | from Jim Watt <jimw@peisj.pebio.com> |
2d9a148e | 2128 | - (djm) Replaced bsd-snprintf.c with one from Mutt source tree, it is known |
2129 | to compile on more platforms (incl NeXT). | |
cc6f2c4c | 2130 | - (djm) Added bsd-inet_aton and configure support for NeXT |
aae19451 | 2131 | - (djm) Misc NeXT fixes from Ben Lindstrom <mouring@pconline.com> |
089fbbd2 | 2132 | - (djm) OpenBSD CVS updates: |
2133 | - markus@cvs.openbsd.org 2000/06/26 03:22:29 | |
2134 | [authfd.c] | |
2135 | cleanup, less cut&paste | |
2136 | - markus@cvs.openbsd.org 2000/06/26 15:59:19 | |
2137 | [servconf.c servconf.h session.c sshd.8 sshd.c] | |
bcbf86ec | 2138 | MaxStartups: limit number of unauthenticated connections, work by |
089fbbd2 | 2139 | theo and me |
2140 | - deraadt@cvs.openbsd.org 2000/07/05 14:18:07 | |
2141 | [session.c] | |
2142 | use no_x11_forwarding_flag correctly; provos ok | |
2143 | - provos@cvs.openbsd.org 2000/07/05 15:35:57 | |
2144 | [sshd.c] | |
2145 | typo | |
2146 | - aaron@cvs.openbsd.org 2000/07/05 22:06:58 | |
2147 | [scp.1 ssh-agent.1 ssh-keygen.1 sshd.8] | |
bcbf86ec | 2148 | Insert more missing .El directives. Our troff really should identify |
089fbbd2 | 2149 | these and spit out a warning. |
2150 | - todd@cvs.openbsd.org 2000/07/06 21:55:04 | |
2151 | [auth-rsa.c auth2.c ssh-keygen.c] | |
2152 | clean code is good code | |
2153 | - deraadt@cvs.openbsd.org 2000/07/07 02:14:29 | |
2154 | [serverloop.c] | |
2155 | sense of port forwarding flag test was backwards | |
2156 | - provos@cvs.openbsd.org 2000/07/08 17:17:31 | |
2157 | [compat.c readconf.c] | |
2158 | replace strtok with strsep; from David Young <dyoung@onthejob.net> | |
2159 | - deraadt@cvs.openbsd.org 2000/07/08 19:21:15 | |
2160 | [auth.h] | |
2161 | KNF | |
2162 | - ho@cvs.openbsd.org 2000/07/08 19:27:33 | |
2163 | [compat.c readconf.c] | |
2164 | Better conditions for strsep() ending. | |
2165 | - ho@cvs.openbsd.org 2000/07/10 10:27:05 | |
2166 | [readconf.c] | |
2167 | Get the correct message on errors. (niels@ ok) | |
2168 | - ho@cvs.openbsd.org 2000/07/10 10:30:25 | |
2169 | [cipher.c kex.c servconf.c] | |
2170 | strtok() --> strsep(). (niels@ ok) | |
5540ea9b | 2171 | - (djm) Fix problem with debug mode and MaxStartups |
eb37534b | 2172 | - (djm) Don't generate host keys when $(DESTDIR) is set (e.g. during RPM |
2173 | builds) | |
229f64ee | 2174 | - (djm) Add strsep function from OpenBSD libc for systems that lack it |
56118702 | 2175 | |
a8545c6c | 2176 | 20000709 |
2177 | - (djm) Only enable PAM_TTY kludge for Linux. Problem report from | |
2178 | Kevin Steves <stevesk@sweden.hp.com> | |
ec90a7d6 | 2179 | - (djm) Match prototype and function declaration for rresvport_af. |
2180 | Problem report from Niklas Edmundsson <nikke@ing.umu.se> | |
bcbf86ec | 2181 | - (djm) Missing $(DESTDIR) on host-key target causing problems with RPM |
732e8ac5 | 2182 | builds. Problem report from Gregory Leblanc <GLeblanc@cu-portland.edu> |
37f1df94 | 2183 | - (djm) Replace ut_name with ut_user. Patch from Jim Watt |
2184 | <jimw@peisj.pebio.com> | |
264dce47 | 2185 | - (djm) Fix pam sprintf fix |
2186 | - (djm) Cleanup entropy collection code a little more. Split initialisation | |
2187 | from seeding, perform intialisation immediatly at start, be careful with | |
2188 | uids. Based on problem report from Jim Watt <jimw@peisj.pebio.com> | |
5bf9cfe9 | 2189 | - (djm) More NeXT compatibility from Ben Lindstrom <mouring@pconline.com> |
2190 | Including sigaction() et al. replacements | |
bcbf86ec | 2191 | - (djm) AIX getuserattr() session initialisation from Tom Bertelson |
eeec075f | 2192 | <tbert@abac.com> |
a8545c6c | 2193 | |
e2902a5b | 2194 | 20000708 |
bcbf86ec | 2195 | - (djm) Fix bad fprintf format handling in auth-pam.c. Patch from |
e2902a5b | 2196 | Aaron Hopkins <aaron@die.net> |
7a33f831 | 2197 | - (djm) Fix incorrect configure handling of --with-rsh-path option. Fix from |
2198 | Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE> | |
bcbf86ec | 2199 | - (djm) Fixed undefined variables for OSF SIA. Report from |
b3f162ba | 2200 | Baars, Henk <Hendrik.Baars@nl.origin-it.com> |
bcbf86ec | 2201 | - (djm) Handle EWOULDBLOCK returns from read() and write() in atomicio.c |
b28e4a3b | 2202 | Fix from Marquess, Steve Mr JMLFDC <Steve.Marquess@DET.AMEDD.ARMY.MIL> |
bcbf86ec | 2203 | - (djm) Don't use inet_addr. |
e2902a5b | 2204 | |
5637650d | 2205 | 20000702 |
2206 | - (djm) Fix brace mismatch from Corinna Vinschen <vinschen@cygnus.com> | |
27494968 | 2207 | - (djm) Stop shadow expiry checking from preventing logins with NIS. Based |
2208 | on fix from HARUYAMA Seigo <haruyama@nt.phys.s.u-tokyo.ac.jp> | |
a4070484 | 2209 | - (djm) Use standard OpenSSL functions in auth-skey.c. Patch from |
2210 | Chris, the Young One <cky@pobox.com> | |
bcbf86ec | 2211 | - (djm) Fix scp progress meter on really wide terminals. Based on patch |
88726b31 | 2212 | from James H. Cloos Jr. <cloos@jhcloos.com> |
5637650d | 2213 | |
388e9f9f | 2214 | 20000701 |
2215 | - (djm) Fix Tru64 SIA problems reported by John P Speno <speno@isc.upenn.edu> | |
daaff4d5 | 2216 | - (djm) Login fixes from Tom Bertelson <tbert@abac.com> |
82258d68 | 2217 | - (djm) Replace "/bin/sh" with _PATH_BSHELL. Report from Corinna Vinschen |
2218 | <vinschen@cygnus.com> | |
30228d7c | 2219 | - (djm) Replace "/usr/bin/login" with LOGIN_PROGRAM |
2647ae26 | 2220 | - (djm) Added check for broken snprintf() functions which do not correctly |
2221 | terminate output string and attempt to use replacement. | |
46158300 | 2222 | - (djm) Released 2.1.1p2 |
388e9f9f | 2223 | |
9f32ceb4 | 2224 | 20000628 |
2225 | - (djm) Fixes to lastlog code for Irix | |
2226 | - (djm) Use atomicio in loginrec | |
3206bb3b | 2227 | - (djm) Patch from Michael Stone <mstone@cs.loyola.edu> to add support for |
2228 | Irix 6.x array sessions, project id's, and system audit trail id. | |
9e0c3e1f | 2229 | - (djm) Added 'distprep' make target to simplify packaging |
bcbf86ec | 2230 | - (djm) Added patch from Chris Adams <cmadams@hiwaay.net> to add OSF SIA |
4d33e531 | 2231 | support. Enable using "USE_SIA=1 ./configure [options]" |
61e96248 | 2232 | |
d8caae24 | 2233 | 20000627 |
2234 | - (djm) Fixes to login code - not setting li->uid, cleanups | |
a05a70ab | 2235 | - (djm) Formatting |
d8caae24 | 2236 | |
fe30cc2e | 2237 | 20000626 |
3e98362e | 2238 | - (djm) Better fix to aclocal tests from Garrick James <garrick@james.net> |
4cb5ffa0 | 2239 | - (djm) Account expiry support from Andreas Steinmetz <ast@domdv.de> |
2240 | - (djm) Added password expiry checking (no password change support) | |
be0b9bb7 | 2241 | - (djm) Make EGD failures non-fatal if OpenSSL's entropy pool is still OK |
2242 | based on patch from Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE> | |
b5b3f75d | 2243 | - (djm) Fix fixed EGD code. |
3e98362e | 2244 | - OpenBSD CVS update |
2245 | - provos@cvs.openbsd.org 2000/06/25 14:17:58 | |
2246 | [channels.c] | |
2247 | correct check for bad channel ids; from Wei Dai <weidai@eskimo.com> | |
2248 | ||
1c04b088 | 2249 | 20000623 |
bcbf86ec | 2250 | - (djm) Use sa_family_t in prototype for rresvport_af. Patch from |
1c04b088 | 2251 | Svante Signell <svante.signell@telia.com> |
2252 | - (djm) Autoconf logic to define sa_family_t if it is missing | |
e5a0294f | 2253 | - OpenBSD CVS Updates: |
2254 | - markus@cvs.openbsd.org 2000/06/22 10:32:27 | |
2255 | [sshd.c] | |
2256 | missing atomicio; report from Steve.Marquess@DET.AMEDD.ARMY.MIL | |
2257 | - djm@cvs.openbsd.org 2000/06/22 17:55:00 | |
2258 | [auth-krb4.c key.c radix.c uuencode.c] | |
2259 | Missing CVS idents; ok markus | |
1c04b088 | 2260 | |
f528fdf2 | 2261 | 20000622 |
2262 | - (djm) Automatically generate host key during "make install". Suggested | |
2263 | by Gary E. Miller <gem@rellim.com> | |
2264 | - (djm) Paranoia before kill() system call | |
74fc9186 | 2265 | - OpenBSD CVS Updates: |
2266 | - markus@cvs.openbsd.org 2000/06/18 18:50:11 | |
2267 | [auth2.c compat.c compat.h sshconnect2.c] | |
2268 | make userauth+pubkey interop with ssh.com-2.2.0 | |
2269 | - markus@cvs.openbsd.org 2000/06/18 20:56:17 | |
2270 | [dsa.c] | |
2271 | mem leak + be more paranoid in dsa_verify. | |
2272 | - markus@cvs.openbsd.org 2000/06/18 21:29:50 | |
2273 | [key.c] | |
2274 | cleanup fingerprinting, less hardcoded sizes | |
2275 | - markus@cvs.openbsd.org 2000/06/19 19:39:45 | |
2276 | [atomicio.c auth-options.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c] | |
2277 | [auth-rsa.c auth-skey.c authfd.c authfd.h authfile.c bufaux.c bufaux.h] | |
bcbf86ec | 2278 | [buffer.c buffer.h canohost.c channels.c channels.h cipher.c cipher.h] |
74fc9186 | 2279 | [clientloop.c compat.c compat.h compress.c compress.h crc32.c crc32.h] |
2280 | [deattack.c dispatch.c dsa.c fingerprint.c fingerprint.h getput.h hmac.c] | |
bcbf86ec | 2281 | [kex.c log-client.c log-server.c login.c match.c mpaux.c mpaux.h nchan.c] |
2282 | [nchan.h packet.c packet.h pty.c pty.h readconf.c readconf.h readpass.c] | |
74fc9186 | 2283 | [rsa.c rsa.h scp.c servconf.c servconf.h ssh-add.c ssh-keygen.c ssh.c] |
2284 | [ssh.h tildexpand.c ttymodes.c ttymodes.h uidswap.c xmalloc.c xmalloc.h] | |
2285 | OpenBSD tag | |
2286 | - markus@cvs.openbsd.org 2000/06/21 10:46:10 | |
2287 | sshconnect2.c missing free; nuke old comment | |
f528fdf2 | 2288 | |
e5fe9a1f | 2289 | 20000620 |
2290 | - (djm) Replace use of '-o' and '-a' logical operators in configure tests | |
986a22ec | 2291 | with '||' and '&&'. As suggested by Jim Knoble <jmknoble@jmknoble.cx> |
e5fe9a1f | 2292 | to fix SCO Unixware problem reported by Gary E. Miller <gem@rellim.com> |
c03aced4 | 2293 | - (djm) Typo in loginrec.c |
e5fe9a1f | 2294 | |
cbd7492e | 2295 | 20000618 |
2296 | - (djm) Add summary of configure options to end of ./configure run | |
bcbf86ec | 2297 | - (djm) Not all systems define RUSAGE_SELF & RUSAGE_CHILDREN. Report from |
cbd7492e | 2298 | Michael Stone <mstone@cs.loyola.edu> |
bcbf86ec | 2299 | - (djm) rusage is a privileged operation on some Unices (incl. |
cbd7492e | 2300 | Solaris 2.5.1). Report from Paul D. Smith <pausmith@nortelnetworks.com> |
bcbf86ec | 2301 | - (djm) Avoid PAM failures when running without a TTY. Report from |
cbd7492e | 2302 | Martin Petrak <petrak@spsknm.schools.sk> |
2303 | - (djm) Include sys/types.h when including netinet/in.h in configure tests. | |
2304 | Patch from Jun-ichiro itojun Hagino <itojun@iijlab.net> | |
729bfe59 | 2305 | - (djm) Started merge of Ben Lindstrom's <mouring@pconline.com> NeXT support |
38c295d6 | 2306 | - OpenBSD CVS updates: |
2307 | - deraadt@cvs.openbsd.org 2000/06/17 09:58:46 | |
2308 | [channels.c] | |
2309 | everyone says "nix it" (remove protocol 2 debugging message) | |
2310 | - markus@cvs.openbsd.org 2000/06/17 13:24:34 | |
2311 | [sshconnect.c] | |
2312 | allow extended server banners | |
2313 | - markus@cvs.openbsd.org 2000/06/17 14:30:10 | |
2314 | [sshconnect.c] | |
2315 | missing atomicio, typo | |
2316 | - jakob@cvs.openbsd.org 2000/06/17 16:52:34 | |
2317 | [servconf.c servconf.h session.c sshd.8 sshd_config] | |
2318 | add support for ssh v2 subsystems. ok markus@. | |
2319 | - deraadt@cvs.openbsd.org 2000/06/17 18:57:48 | |
2320 | [readconf.c servconf.c] | |
2321 | include = in WHITESPACE; markus ok | |
2322 | - markus@cvs.openbsd.org 2000/06/17 19:09:10 | |
2323 | [auth2.c] | |
2324 | implement bug compatibility with ssh-2.0.13 pubkey, server side | |
2325 | - markus@cvs.openbsd.org 2000/06/17 21:00:28 | |
2326 | [compat.c] | |
2327 | initial support for ssh.com's 2.2.0 | |
2328 | - markus@cvs.openbsd.org 2000/06/17 21:16:09 | |
2329 | [scp.c] | |
2330 | typo | |
2331 | - markus@cvs.openbsd.org 2000/06/17 22:05:02 | |
2332 | [auth-rsa.c auth2.c serverloop.c session.c auth-options.c auth-options.h] | |
2333 | split auth-rsa option parsing into auth-options | |
2334 | add options support to authorized_keys2 | |
2335 | - markus@cvs.openbsd.org 2000/06/17 22:42:54 | |
2336 | [session.c] | |
2337 | typo | |
cbd7492e | 2338 | |
509b1f88 | 2339 | 20000613 |
2340 | - (djm) Fixes from Andrew McGill <andrewm@datrix.co.za>: | |
2341 | - Platform define for SCO 3.x which breaks on /dev/ptmx | |
2342 | - Detect and try to fix missing MAXPATHLEN | |
a4d05724 | 2343 | - (djm) Fix short copy in loginrec.c (based on patch from Phill Camp |
2344 | <P.S.S.Camp@ukc.ac.uk> | |
509b1f88 | 2345 | |
09564242 | 2346 | 20000612 |
2347 | - (djm) Glob manpages in RPM spec files to catch compressed files | |
2348 | - (djm) Full license in auth-pam.c | |
08ae384f | 2349 | - (djm) Configure fixes from SAKAI Kiyotaka <ksakai@kso.netwk.ntt-at.co.jp> |
383207f7 | 2350 | - (andre) AIX, lastlog, configure fixes from Tom Bertelson <tbert@abac.com>: |
2351 | - Don't try to retrieve lastlog from wtmp/wtmpx if DISABLE_LASTLOG is | |
2352 | def'd | |
2353 | - Set AIX to use preformatted manpages | |
61e96248 | 2354 | |
74b224a0 | 2355 | 20000610 |
2356 | - (djm) Minor doc tweaks | |
217ab55e | 2357 | - (djm) Fix for configure on bash2 from Jim Knoble <jmknoble@jmknoble.cx> |
74b224a0 | 2358 | |
32c80420 | 2359 | 20000609 |
2360 | - (djm) Patch from Kenji Miyake <kenji@miyake.org> to disable utmp usage | |
2361 | (in favour of utmpx) on Solaris 8 | |
2362 | ||
fa649821 | 2363 | 20000606 |
48c99b2c | 2364 | - (djm) Cleanup of entropy.c. Reorganised code, removed second pass through |
2365 | list of commands (by default). Removed verbose debugging (by default). | |
bcbf86ec | 2366 | - (djm) Increased command entropy estimates and default entropy collection |
48c99b2c | 2367 | timeout |
f988dce5 | 2368 | - (djm) Remove duplicate headers from loginrec.c |
c5fa2eb0 | 2369 | - (djm) Don't add /usr/local/lib to library search path on Irix |
bcbf86ec | 2370 | - (djm) Fix rsh path in RPMs. Report from Jason L Tibbitts III |
fa649821 | 2371 | <tibbs@math.uh.edu> |
1e83f2a2 | 2372 | - (djm) Warn user if grabs fail in GNOME askpass. Patch from Zack Weinberg |
2373 | <zack@wolery.cumb.org> | |
fa649821 | 2374 | - (djm) OpenBSD CVS updates: |
2375 | - todd@cvs.openbsd.org | |
2376 | [sshconnect2.c] | |
2377 | teach protocol v2 to count login failures properly and also enable an | |
2378 | explanation of why the password prompt comes up again like v1; this is NOT | |
2379 | crypto | |
61e96248 | 2380 | - markus@cvs.openbsd.org |
fa649821 | 2381 | [readconf.c readconf.h servconf.c servconf.h session.c ssh.1 ssh.c sshd.8] |
2382 | xauth_location support; pr 1234 | |
2383 | [readconf.c sshconnect2.c] | |
2384 | typo, unused | |
2385 | [session.c] | |
2386 | allow use_login only for login sessions, otherwise remote commands are | |
2387 | execed with uid==0 | |
2388 | [sshd.8] | |
2389 | document UseLogin better | |
2390 | [version.h] | |
2391 | OpenSSH 2.1.1 | |
2392 | [auth-rsa.c] | |
bcbf86ec | 2393 | fix match_hostname() logic for auth-rsa: deny access if we have a |
fa649821 | 2394 | negative match or no match at all |
2395 | [channels.c hostfile.c match.c] | |
bcbf86ec | 2396 | don't panic if mkdtemp fails for authfwd; jkb@yahoo-inc.com via |
fa649821 | 2397 | kris@FreeBSD.org |
2398 | ||
8e7b16f8 | 2399 | 20000606 |
bcbf86ec | 2400 | - (djm) Added --with-cflags, --with-ldflags and --with-libs options to |
8e7b16f8 | 2401 | configure. |
2402 | ||
d7c0f3d5 | 2403 | 20000604 |
2404 | - Configure tweaking for new login code on Irix 5.3 | |
2d6c411f | 2405 | - (andre) login code changes based on djm feedback |
d7c0f3d5 | 2406 | |
2d6c411f | 2407 | 20000603 |
2408 | - (andre) New login code | |
2409 | - Remove bsd-login.[ch] and all the OpenBSD-derived code in login.c | |
2410 | - Add loginrec.[ch], logintest.c and autoconf code | |
61e96248 | 2411 | |
5daf7064 | 2412 | 20000531 |
2413 | - Cleanup of auth.c, login.c and fake-* | |
2414 | - Cleanup of auth-pam.c, save and print "account expired" error messages | |
e5662474 | 2415 | - Fix EGD read bug by IWAMURO Motonori <iwa@mmp.fujitsu.co.jp> |
69134b9b | 2416 | - Rewrote bsd-login to use proper utmp API if available. Major cleanup |
2417 | of fallback DIY code. | |
5daf7064 | 2418 | |
b9f446d1 | 2419 | 20000530 |
2420 | - Define atexit for old Solaris | |
b02ebca1 | 2421 | - Fix buffer overrun in login.c for systems which use syslen in utmpx. |
2422 | patch from YOSHIFUJI Hideaki <yoshfuji@cerberus.nemoto.ecei.tohoku.ac.jp> | |
71276795 | 2423 | - OpenBSD CVS updates: |
2424 | - markus@cvs.openbsd.org | |
2425 | [session.c] | |
2426 | make x11-fwd work w/ localhost (xauth add host/unix:11) | |
2427 | [cipher.c compat.c readconf.c servconf.c] | |
2428 | check strtok() != NULL; ok niels@ | |
2429 | [key.c] | |
2430 | fix key_read() for uuencoded keys w/o '=' | |
2431 | [serverloop.c] | |
2432 | group ssh1 vs. ssh2 in serverloop | |
2433 | [kex.c kex.h myproposal.h sshconnect2.c sshd.c] | |
2434 | split kexinit/kexdh, factor out common code | |
2435 | [readconf.c ssh.1 ssh.c] | |
2436 | forwardagent defaults to no, add ssh -A | |
2437 | - theo@cvs.openbsd.org | |
2438 | [session.c] | |
2439 | just some line shortening | |
60688ef9 | 2440 | - Released 2.1.0p3 |
b9f446d1 | 2441 | |
29611d9c | 2442 | 20000520 |
2443 | - Xauth fix from Markus Friedl <markus.friedl@informatik.uni-erlangen.de> | |
25422c70 | 2444 | - Don't touch utmp if USE_UTMPX defined |
a423beaf | 2445 | - SunOS 4.x support from Todd C. Miller <Todd.Miller@courtesan.com> |
fc1e8bf4 | 2446 | - SIGCHLD fix for AIX and HPUX from Tom Bertelson <tbert@abac.com> |
bcbf86ec | 2447 | - HPUX and Configure fixes from Lutz Jaenicke |
fc1e8bf4 | 2448 | <Lutz.Jaenicke@aet.TU-Cottbus.DE> |
bcbf86ec | 2449 | - Use mkinstalldirs script to make directories instead of non-portable |
fc1e8bf4 | 2450 | "install -d". Suggested by Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE> |
a905808d | 2451 | - Doc cleanup |
29611d9c | 2452 | |
301e9b01 | 2453 | 20000518 |
2454 | - Include Andre Lucas' fixprogs script. Forgot to "cvs add" it yesterday | |
2455 | - OpenBSD CVS updates: | |
2456 | - markus@cvs.openbsd.org | |
2457 | [sshconnect.c] | |
2458 | copy only ai_addrlen bytes; misiek@pld.org.pl | |
2459 | [auth.c] | |
bcbf86ec | 2460 | accept an empty shell in authentication; bug reported by |
301e9b01 | 2461 | chris@tinker.ucr.edu |
2462 | [serverloop.c] | |
2463 | we don't have stderr for interactive terminal sessions (fcntl errors) | |
2464 | ||
ad85db64 | 2465 | 20000517 |
2466 | - Fix from Andre Lucas <andre.lucas@dial.pipex.com> | |
2467 | - Fixes command line printing segfaults (spotter: Bladt Norbert) | |
2468 | - Fixes erroneous printing of debug messages to syslog | |
2469 | - Fixes utmp for MacOS X (spotter: Aristedes Maniatis) | |
2470 | - Gives useful error message if PRNG initialisation fails | |
2471 | - Reduced ssh startup delay | |
2472 | - Measures cumulative command time rather than the time between reads | |
704b1659 | 2473 | after select() |
ad85db64 | 2474 | - 'fixprogs' perl script to eliminate non-working entropy commands, and |
704b1659 | 2475 | optionally run 'ent' to measure command entropy |
c1ef8333 | 2476 | - Applied Tom Bertelson's <tbert@abac.com> AIX authentication fix |
a64009ad | 2477 | - Avoid WCOREDUMP complation errors for systems that lack it |
bcbf86ec | 2478 | - Avoid SIGCHLD warnings from entropy commands |
28c1d5ce | 2479 | - Fix HAVE_PAM_GETENVLIST setting from Simon Wilkinson <sxw@dcs.ed.ac.uk> |
0e73cc53 | 2480 | - OpenBSD CVS update: |
bcbf86ec | 2481 | - markus@cvs.openbsd.org |
0e73cc53 | 2482 | [ssh.c] |
2483 | fix usage() | |
2484 | [ssh2.h] | |
2485 | draft-ietf-secsh-architecture-05.txt | |
2486 | [ssh.1] | |
2487 | document ssh -T -N (ssh2 only) | |
2488 | [channels.c serverloop.c ssh.h sshconnect.c sshd.c aux.c] | |
2489 | enable nonblocking IO for sshd w/ proto 1, too; split out common code | |
2490 | [aux.c] | |
2491 | missing include | |
c04f75f1 | 2492 | - Several patches from SAKAI Kiyotaka <ksakai@kso.netwk.ntt-at.co.jp> |
2493 | - INSTALL typo and URL fix | |
2494 | - Makefile fix | |
2495 | - Solaris fixes | |
bcbf86ec | 2496 | - Checking for ssize_t and memmove. Based on patch from SAKAI Kiyotaka |
c04f75f1 | 2497 | <ksakai@kso.netwk.ntt-at.co.jp> |
afa5ee68 | 2498 | - RSAless operation patch from kevin_oconnor@standardandpoors.com |
d45e3d76 | 2499 | - Detect OpenSSL seperatly from RSA |
bcbf86ec | 2500 | - Better test for RSA (more compatible with RSAref). Based on work by |
d45e3d76 | 2501 | Ed Eden <ede370@stl.rural.usda.gov> |
ad85db64 | 2502 | |
3d1a1654 | 2503 | 20000513 |
bcbf86ec | 2504 | - Fix for non-recognised DSA keys from Arkadiusz Miskiewicz |
3d1a1654 | 2505 | <misiek@pld.org.pl> |
2506 | ||
d02a3a00 | 2507 | 20000511 |
bcbf86ec | 2508 | - Fix for prng_seed permissions checking from Lutz Jaenicke |
d02a3a00 | 2509 | <Lutz.Jaenicke@aet.TU-Cottbus.DE> |
3d1a1654 | 2510 | - "make host-key" fix for Irix |
d02a3a00 | 2511 | |
d0c832f3 | 2512 | 20000509 |
2513 | - OpenBSD CVS update | |
2514 | - markus@cvs.openbsd.org | |
2515 | [cipher.h myproposal.h readconf.c readconf.h servconf.c ssh.1 ssh.c] | |
2516 | [ssh.h sshconnect1.c sshconnect2.c sshd.8] | |
2517 | - complain about invalid ciphers in SSH1 (e.g. arcfour is SSH2 only) | |
2518 | - hugh@cvs.openbsd.org | |
2519 | [ssh.1] | |
2520 | - zap typo | |
2521 | [ssh-keygen.1] | |
2522 | - One last nit fix. (markus approved) | |
2523 | [sshd.8] | |
2524 | - some markus certified spelling adjustments | |
2525 | - markus@cvs.openbsd.org | |
2526 | [auth2.c channels.c clientloop.c compat compat.h dsa.c kex.c] | |
2527 | [sshconnect2.c ] | |
2528 | - bug compat w/ ssh-2.0.13 x11, split out bugs | |
2529 | [nchan.c] | |
2530 | - no drain if ibuf_empty, fixes x11fwd problems; tests by fries@ | |
2531 | [ssh-keygen.c] | |
2532 | - handle escapes in real and original key format, ok millert@ | |
2533 | [version.h] | |
2534 | - OpenSSH-2.1 | |
3dc1102e | 2535 | - Moved all the bsd-* and fake-* stuff into new libopenbsd-compat.a |
e93ee87a | 2536 | - Doc updates |
bcbf86ec | 2537 | - Cleanup of bsd-base64 headers, bugfix definitions of __b64_*. Reported |
21e5304a | 2538 | by Andre Lucas <andre.lucas@dial.pipex.com> |
d0c832f3 | 2539 | |
ebdeb9a8 | 2540 | 20000508 |
2541 | - Makefile and RPM spec fixes | |
2542 | - Generate DSA host keys during "make key" or RPM installs | |
f6cde515 | 2543 | - OpenBSD CVS update |
2544 | - markus@cvs.openbsd.org | |
2545 | [clientloop.c sshconnect2.c] | |
2546 | - make x11-fwd interop w/ ssh-2.0.13 | |
2547 | [README.openssh2] | |
2548 | - interop w/ SecureFX | |
2549 | - Release 2.0.0beta2 | |
ebdeb9a8 | 2550 | |
bcbf86ec | 2551 | - Configure caching and cleanup patch from Andre Lucas' |
58d100bf | 2552 | <andre.lucas@dial.pipex.com> |
2553 | ||
1d1ffb87 | 2554 | 20000507 |
2555 | - Remove references to SSLeay. | |
2556 | - Big OpenBSD CVS update | |
2557 | - markus@cvs.openbsd.org | |
2558 | [clientloop.c] | |
2559 | - typo | |
2560 | [session.c] | |
2561 | - update proctitle on pty alloc/dealloc, e.g. w/ windows client | |
2562 | [session.c] | |
2563 | - update proctitle for proto 1, too | |
2564 | [channels.h nchan.c serverloop.c session.c sshd.c] | |
2565 | - use c-style comments | |
2566 | - deraadt@cvs.openbsd.org | |
2567 | [scp.c] | |
2568 | - more atomicio | |
bcbf86ec | 2569 | - markus@cvs.openbsd.org |
1d1ffb87 | 2570 | [channels.c] |
2571 | - set O_NONBLOCK | |
2572 | [ssh.1] | |
2573 | - update AUTHOR | |
2574 | [readconf.c ssh-keygen.c ssh.h] | |
2575 | - default DSA key file ~/.ssh/id_dsa | |
2576 | [clientloop.c] | |
2577 | - typo, rm verbose debug | |
2578 | - deraadt@cvs.openbsd.org | |
2579 | [ssh-keygen.1] | |
2580 | - document DSA use of ssh-keygen | |
2581 | [sshd.8] | |
2582 | - a start at describing what i understand of the DSA side | |
2583 | [ssh-keygen.1] | |
2584 | - document -X and -x | |
2585 | [ssh-keygen.c] | |
2586 | - simplify usage | |
bcbf86ec | 2587 | - markus@cvs.openbsd.org |
1d1ffb87 | 2588 | [sshd.8] |
2589 | - there is no rhosts_dsa | |
2590 | [ssh-keygen.1] | |
2591 | - document -y, update -X,-x | |
2592 | [nchan.c] | |
2593 | - fix close for non-open ssh1 channels | |
2594 | [servconf.c servconf.h ssh.h sshd.8 sshd.c ] | |
2595 | - s/DsaKey/HostDSAKey/, document option | |
2596 | [sshconnect2.c] | |
2597 | - respect number_of_password_prompts | |
2598 | [channels.c channels.h servconf.c servconf.h session.c sshd.8] | |
2599 | - GatewayPorts for sshd, ok deraadt@ | |
2600 | [ssh-add.1 ssh-agent.1 ssh.1] | |
2601 | - more doc on: DSA, id_dsa, known_hosts2, authorized_keys2 | |
2602 | [ssh.1] | |
2603 | - more info on proto 2 | |
2604 | [sshd.8] | |
2605 | - sync AUTHOR w/ ssh.1 | |
2606 | [key.c key.h sshconnect.c] | |
2607 | - print key type when talking about host keys | |
2608 | [packet.c] | |
2609 | - clear padding in ssh2 | |
2610 | [dsa.c key.c radix.c ssh.h sshconnect1.c uuencode.c uuencode.h] | |
2611 | - replace broken uuencode w/ libc b64_ntop | |
2612 | [auth2.c] | |
2613 | - log failure before sending the reply | |
2614 | [key.c radix.c uuencode.c] | |
2615 | - remote trailing comments before calling __b64_pton | |
2616 | [auth2.c readconf.c readconf.h servconf.c servconf.h ssh.1] | |
2617 | [sshconnect2.c sshd.8] | |
2618 | - add DSAAuthetication option to ssh/sshd, document SSH2 in sshd.8 | |
2619 | - Bring in b64_ntop and b64_pton from OpenBSD libc (bsd-base64.[ch]) | |
2620 | ||
1a11e1ae | 2621 | 20000502 |
0fbe8c74 | 2622 | - OpenBSD CVS update |
2623 | [channels.c] | |
2624 | - init all fds, close all fds. | |
2625 | [sshconnect2.c] | |
2626 | - check whether file exists before asking for passphrase | |
2627 | [servconf.c servconf.h sshd.8 sshd.c] | |
2628 | - PidFile, pr 1210 | |
2629 | [channels.c] | |
2630 | - EINTR | |
2631 | [channels.c] | |
2632 | - unbreak, ok niels@ | |
2633 | [sshd.c] | |
2634 | - unlink pid file, ok niels@ | |
2635 | [auth2.c] | |
2636 | - Add missing #ifdefs; ok - markus | |
bcbf86ec | 2637 | - Add Andre Lucas' <andre.lucas@dial.pipex.com> patch to read entropy |
d3083fbd | 2638 | gathering commands from a text file |
1a11e1ae | 2639 | - Release 2.0.0beta1 |
2640 | ||
c4bc58eb | 2641 | 20000501 |
2642 | - OpenBSD CVS update | |
2643 | [packet.c] | |
2644 | - send debug messages in SSH2 format | |
3189621b | 2645 | [scp.c] |
2646 | - fix very rare EAGAIN/EINTR issues; based on work by djm | |
2647 | [packet.c] | |
2648 | - less debug, rm unused | |
2649 | [auth2.c] | |
2650 | - disable kerb,s/key in ssh2 | |
2651 | [sshd.8] | |
2652 | - Minor tweaks and typo fixes. | |
2653 | [ssh-keygen.c] | |
2654 | - Put -d into usage and reorder. markus ok. | |
bcbf86ec | 2655 | - Include missing headers for OpenSSL tests. Fix from Phil Karn |
44fb55e9 | 2656 | <karn@ka9q.ampr.org> |
bcbf86ec | 2657 | - Fixed __progname symbol collisions reported by Andre Lucas |
3fd95d9a | 2658 | <andre.lucas@dial.pipex.com> |
0d5f7abc | 2659 | - Merged bsd-login ttyslot and AIX utmp patch from Gert Doering |
2660 | <gd@hilb1.medat.de> | |
8cb940db | 2661 | - Add some missing ifdefs to auth2.c |
8af50c98 | 2662 | - Deprecate perl-tk askpass. |
52bcc044 | 2663 | - Irix portability fixes - don't include netinet headers more than once |
2664 | - Make sure we don't save PRNG seed more than once | |
c4bc58eb | 2665 | |
2b763e31 | 2666 | 20000430 |
2667 | - Merge HP-UX fixes and TCB support from Ged Lodder <lodder@yacc.com.au> | |
b7a87eea | 2668 | - Integrate Andre Lucas' <andre.lucas@dial.pipex.com> entropy collection |
2669 | patch. | |
2670 | - Adds timeout to entropy collection | |
2671 | - Disables slow entropy sources | |
2672 | - Load and save seed file | |
bcbf86ec | 2673 | - Changed entropy seed code to user per-user seeds only (server seed is |
b7a87eea | 2674 | saved in root's .ssh directory) |
2675 | - Use atexit() and fatal cleanups to save seed on exit | |
0b242b12 | 2676 | - More OpenBSD updates: |
2677 | [session.c] | |
2678 | - don't call chan_write_failed() if we are not writing | |
2679 | [auth-rsa.c auth1.c authfd.c hostfile.c ssh-agent.c] | |
2680 | - keysize warnings error() -> log() | |
2b763e31 | 2681 | |
a306f2dd | 2682 | 20000429 |
2683 | - Merge big update to OpenSSH-2.0 from OpenBSD CVS | |
2684 | [README.openssh2] | |
2685 | - interop w/ F-secure windows client | |
2686 | - sync documentation | |
2687 | - ssh_host_dsa_key not ssh_dsa_key | |
2688 | [auth-rsa.c] | |
2689 | - missing fclose | |
2690 | [auth.c authfile.c compat.c dsa.c dsa.h hostfile.c key.c key.h radix.c] | |
2691 | [readconf.c readconf.h ssh-add.c ssh-keygen.c ssh.c ssh.h sshconnect.c] | |
2692 | [sshd.c uuencode.c uuencode.h authfile.h] | |
2693 | - add DSA pubkey auth and other SSH2 fixes. use ssh-keygen -[xX] | |
2694 | for trading keys with the real and the original SSH, directly from the | |
2695 | people who invented the SSH protocol. | |
2696 | [auth.c auth.h authfile.c sshconnect.c auth1.c auth2.c sshconnect.h] | |
2697 | [sshconnect1.c sshconnect2.c] | |
2698 | - split auth/sshconnect in one file per protocol version | |
2699 | [sshconnect2.c] | |
2700 | - remove debug | |
2701 | [uuencode.c] | |
2702 | - add trailing = | |
2703 | [version.h] | |
2704 | - OpenSSH-2.0 | |
2705 | [ssh-keygen.1 ssh-keygen.c] | |
2706 | - add -R flag: exit code indicates if RSA is alive | |
2707 | [sshd.c] | |
2708 | - remove unused | |
2709 | silent if -Q is specified | |
2710 | [ssh.h] | |
2711 | - host key becomes /etc/ssh_host_dsa_key | |
2712 | [readconf.c servconf.c ] | |
2713 | - ssh/sshd default to proto 1 and 2 | |
2714 | [uuencode.c] | |
2715 | - remove debug | |
2716 | [auth2.c ssh-keygen.c sshconnect2.c sshd.c] | |
2717 | - xfree DSA blobs | |
2718 | [auth2.c serverloop.c session.c] | |
2719 | - cleanup logging for sshd/2, respect PasswordAuth no | |
2720 | [sshconnect2.c] | |
2721 | - less debug, respect .ssh/config | |
2722 | [README.openssh2 channels.c channels.h] | |
bcbf86ec | 2723 | - clientloop.c session.c ssh.c |
a306f2dd | 2724 | - support for x11-fwding, client+server |
2725 | ||
0ac7199f | 2726 | 20000421 |
2727 | - Merge fix from OpenBSD CVS | |
2728 | [ssh-agent.c] | |
2729 | - Fix memory leak per connection. Report from Andy Spiegl <Andy@Spiegl.de> | |
2730 | via Debian bug #59926 | |
18ba2aab | 2731 | - Define __progname in session.c if libc doesn't |
2732 | - Remove indentation on autoconf #include statements to avoid bug in | |
bcbf86ec | 2733 | DEC Tru64 compiler. Report and fix from David Del Piero |
18ba2aab | 2734 | <David.DelPiero@qed.qld.gov.au> |
0ac7199f | 2735 | |
e1b37056 | 2736 | 20000420 |
bcbf86ec | 2737 | - Make fixpaths work with perl4, patch from Andre Lucas |
e1b37056 | 2738 | <andre.lucas@dial.pipex.com> |
9da5c3c9 | 2739 | - Sync with OpenBSD CVS: |
2740 | [clientloop.c login.c serverloop.c ssh-agent.c ssh.h sshconnect.c sshd.c] | |
2741 | - pid_t | |
2742 | [session.c] | |
2743 | - remove bogus chan_read_failed. this could cause data | |
2744 | corruption (missing data) at end of a SSH2 session. | |
4e577b89 | 2745 | - Merge fixes from Debian patch from Phil Hands <phil@hands.com> |
2746 | - Allow setting of PAM service name through CFLAGS (SSHD_PAM_SERVICE) | |
2747 | - Use vhangup to clean up Linux ttys | |
2748 | - Force posix getopt processing on GNU libc systems | |
371ecff9 | 2749 | - Debian bug #55910 - remove references to ssl(8) manpages |
247f1a89 | 2750 | - Debian bug #58031 - ssh_config lies about default cipher |
e1b37056 | 2751 | |
d6f24e45 | 2752 | 20000419 |
2753 | - OpenBSD CVS updates | |
2754 | [channels.c] | |
2755 | - fix pr 1196, listen_port and port_to_connect interchanged | |
2756 | [scp.c] | |
bcbf86ec | 2757 | - after completion, replace the progress bar ETA counter with a final |
d6f24e45 | 2758 | elapsed time; my idea, aaron wrote the patch |
2759 | [ssh_config sshd_config] | |
2760 | - show 'Protocol' as an example, ok markus@ | |
2761 | [sshd.c] | |
2762 | - missing xfree() | |
2763 | - Add missing header to bsd-misc.c | |
2764 | ||
35484284 | 2765 | 20000416 |
2766 | - Reduce diff against OpenBSD source | |
bcbf86ec | 2767 | - All OpenSSL includes are now unconditionally referenced as |
35484284 | 2768 | openssl/foo.h |
2769 | - Pick up formatting changes | |
2770 | - Other minor changed (typecasts, etc) that I missed | |
2771 | ||
6ae2364d | 2772 | 20000415 |
2773 | - OpenBSD CVS updates. | |
2774 | [ssh.1 ssh.c] | |
2775 | - ssh -2 | |
2776 | [auth.c channels.c clientloop.c packet.c packet.h serverloop.c] | |
2777 | [session.c sshconnect.c] | |
2778 | - check payload for (illegal) extra data | |
2779 | [ALL] | |
2780 | whitespace cleanup | |
2781 | ||
c323ac76 | 2782 | 20000413 |
2783 | - INSTALL doc updates | |
f54651ce | 2784 | - Merged OpenBSD updates to include paths. |
bcbf86ec | 2785 | |
a8be9f80 | 2786 | 20000412 |
2787 | - OpenBSD CVS updates: | |
2788 | - [channels.c] | |
2789 | repair x11-fwd | |
2790 | - [sshconnect.c] | |
2791 | fix passwd prompt for ssh2, less debugging output. | |
2792 | - [clientloop.c compat.c dsa.c kex.c sshd.c] | |
2793 | less debugging output | |
2794 | - [kex.c kex.h sshconnect.c sshd.c] | |
2795 | check for reasonable public DH values | |
2796 | - [README.openssh2 cipher.c cipher.h compat.c compat.h readconf.c] | |
2797 | [readconf.h servconf.c servconf.h ssh.c ssh.h sshconnect.c sshd.c] | |
2798 | add Cipher and Protocol options to ssh/sshd, e.g.: | |
2799 | ssh -o 'Protocol 1,2' if you prefer proto 1, ssh -o 'Ciphers | |
2800 | arcfour,3des-cbc' | |
2801 | - [sshd.c] | |
2802 | print 1.99 only if server supports both | |
2803 | ||
18e92801 | 2804 | 20000408 |
2805 | - Avoid some compiler warnings in fake-get*.c | |
2806 | - Add IPTOS macros for systems which lack them | |
9d98aaf6 | 2807 | - Only set define entropy collection macros if they are found |
e78a59f5 | 2808 | - More large OpenBSD CVS updates: |
2809 | - [auth.c auth.h servconf.c servconf.h serverloop.c session.c] | |
2810 | [session.h ssh.h sshd.c README.openssh2] | |
2811 | ssh2 server side, see README.openssh2; enable with 'sshd -2' | |
2812 | - [channels.c] | |
2813 | no adjust after close | |
2814 | - [sshd.c compat.c ] | |
2815 | interop w/ latest ssh.com windows client. | |
61e96248 | 2816 | |
8ce64345 | 2817 | 20000406 |
2818 | - OpenBSD CVS update: | |
2819 | - [channels.c] | |
2820 | close efd on eof | |
2821 | - [clientloop.c compat.c ssh.c sshconnect.c myproposal.h] | |
2822 | ssh2 client implementation, interops w/ ssh.com and lsh servers. | |
2823 | - [sshconnect.c] | |
2824 | missing free. | |
2825 | - [authfile.c cipher.c cipher.h packet.c sshconnect.c sshd.c] | |
2826 | remove unused argument, split cipher_mask() | |
2827 | - [clientloop.c] | |
2828 | re-order: group ssh1 vs. ssh2 | |
2829 | - Make Redhat spec require openssl >= 0.9.5a | |
2830 | ||
e7627112 | 2831 | 20000404 |
2832 | - Add tests for RAND_add function when searching for OpenSSL | |
7e7327a1 | 2833 | - OpenBSD CVS update: |
2834 | - [packet.h packet.c] | |
2835 | ssh2 packet format | |
2836 | - [packet.h packet.c nchan2.ms nchan.h compat.h compat.c] | |
2837 | [channels.h channels.c] | |
2838 | channel layer support for ssh2 | |
2839 | - [kex.h kex.c hmac.h hmac.c dsa.c dsa.h] | |
2840 | DSA, keyexchange, algorithm agreement for ssh2 | |
6c081128 | 2841 | - Generate manpages before make install not at the end of make all |
2842 | - Don't seed the rng quite so often | |
2843 | - Always reseed rng when requested | |
e7627112 | 2844 | |
bfc9a610 | 2845 | 20000403 |
2846 | - Wrote entropy collection routines for systems that lack /dev/random | |
2847 | and EGD | |
837c30b8 | 2848 | - Disable tests and typedefs for 64 bit types. They are currently unused. |
bfc9a610 | 2849 | |
7368a6c8 | 2850 | 20000401 |
2851 | - Big OpenBSD CVS update (mainly beginnings of SSH2 infrastructure) | |
2852 | - [auth.c session.c sshd.c auth.h] | |
2853 | split sshd.c -> auth.c session.c sshd.c plus cleanup and goto-removal | |
2854 | - [bufaux.c bufaux.h] | |
2855 | support ssh2 bignums | |
2856 | - [channels.c channels.h clientloop.c sshd.c nchan.c nchan.h packet.c] | |
2857 | [readconf.c ssh.c ssh.h serverloop.c] | |
2858 | replace big switch() with function tables (prepare for ssh2) | |
2859 | - [ssh2.h] | |
2860 | ssh2 message type codes | |
2861 | - [sshd.8] | |
2862 | reorder Xr to avoid cutting | |
2863 | - [serverloop.c] | |
2864 | close(fdin) if fdin != fdout, shutdown otherwise, ok theo@ | |
2865 | - [channels.c] | |
2866 | missing close | |
2867 | allow bigger packets | |
2868 | - [cipher.c cipher.h] | |
2869 | support ssh2 ciphers | |
2870 | - [compress.c] | |
2871 | cleanup, less code | |
2872 | - [dispatch.c dispatch.h] | |
2873 | function tables for different message types | |
2874 | - [log-server.c] | |
2875 | do not log() if debuggin to stderr | |
2876 | rename a cpp symbol, to avoid param.h collision | |
2877 | - [mpaux.c] | |
2878 | KNF | |
2879 | - [nchan.c] | |
2880 | sync w/ channels.c | |
2881 | ||
f5238bee | 2882 | 20000326 |
2883 | - Better tests for OpenSSL w/ RSAref | |
bcbf86ec | 2884 | - Added replacement setenv() function from OpenBSD libc. Suggested by |
f5238bee | 2885 | Ben Lindstrom <mouring@pconline.com> |
4fe2af09 | 2886 | - OpenBSD CVS update |
2887 | - [auth-krb4.c] | |
2888 | -Wall | |
2889 | - [auth-rh-rsa.c auth-rsa.c hostfile.c hostfile.h key.c key.h match.c] | |
2890 | [match.h ssh.c ssh.h sshconnect.c sshd.c] | |
2891 | initial support for DSA keys. ok deraadt@, niels@ | |
2892 | - [cipher.c cipher.h] | |
2893 | remove unused cipher_attack_detected code | |
2894 | - [scp.1 ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh.1 sshd.8] | |
2895 | Fix some formatting problems I missed before. | |
2896 | - [ssh.1 sshd.8] | |
2897 | fix spelling errors, From: FreeBSD | |
2898 | - [ssh.c] | |
2899 | switch to raw mode only if he _get_ a pty (not if we _want_ a pty). | |
f5238bee | 2900 | |
0024a081 | 2901 | 20000324 |
2902 | - Released 1.2.3 | |
2903 | ||
bd499f9e | 2904 | 20000317 |
2905 | - Clarified --with-default-path option. | |
2906 | - Added -blibpath handling for AIX to work around stupid runtime linking. | |
2907 | Problem elucidated by gshapiro@SENDMAIL.ORG by way of Jim Knoble | |
986a22ec | 2908 | <jmknoble@jmknoble.cx> |
474b5fef | 2909 | - Checks for 64 bit int types. Problem report from Mats Fredholm |
2910 | <matsf@init.se> | |
610cd5c6 | 2911 | - OpenBSD CVS updates: |
bcbf86ec | 2912 | - [atomicio.c auth-krb4.c bufaux.c channels.c compress.c fingerprint.c] |
610cd5c6 | 2913 | [packet.h radix.c rsa.c scp.c ssh-agent.c ssh-keygen.c sshconnect.c] |
2914 | [sshd.c] | |
2915 | pedantic: signed vs. unsigned, void*-arithm, etc | |
2916 | - [ssh.1 sshd.8] | |
2917 | Various cleanups and standardizations. | |
bcbf86ec | 2918 | - Runtime error fix for HPUX from Otmar Stahl |
be48d23c | 2919 | <O.Stahl@lsw.uni-heidelberg.de> |
bd499f9e | 2920 | |
4696775a | 2921 | 20000316 |
bcbf86ec | 2922 | - Fixed configure not passing LDFLAGS to Solaris. Report from David G. |
4696775a | 2923 | Hesprich <dghespri@sprintparanet.com> |
d423d822 | 2924 | - Propogate LD through to Makefile |
b7a9ce47 | 2925 | - Doc cleanups |
2ba2a610 | 2926 | - Added blurb about "scp: command not found" errors to UPGRADING |
4696775a | 2927 | |
cb0b7ea4 | 2928 | 20000315 |
2929 | - Fix broken CFLAGS handling during search for OpenSSL. Fixes va_list | |
2930 | problems with gcc/Solaris. | |
bcbf86ec | 2931 | - Don't free argument to putenv() after use (in setenv() replacement). |
db55a3ea | 2932 | Report from Seigo Tanimura <tanimura@r.dl.itc.u-tokyo.ac.jp> |
bcbf86ec | 2933 | - Created contrib/ subdirectory. Included helpers from Phil Hands' |
13652e52 | 2934 | Debian package, README file and chroot patch from Ricardo Cerqueira |
2935 | <rmcc@clix.pt> | |
bcbf86ec | 2936 | - Moved gnome-ssh-askpass.c to contrib directory and removed config |
13652e52 | 2937 | option. |
2938 | - Slight cleanup to doc files | |
b14b2ae7 | 2939 | - Configure fix from Bratislav ILICH <bilic@zepter.ru> |
cb0b7ea4 | 2940 | |
a8ed9fd9 | 2941 | 20000314 |
bcbf86ec | 2942 | - Include macro for IN6_IS_ADDR_V4MAPPED. Report from |
a8ed9fd9 | 2943 | peter@frontierflying.com |
84afc958 | 2944 | - Include /usr/local/include and /usr/local/lib for systems that don't |
2945 | do it themselves | |
2946 | - -R/usr/local/lib for Solaris | |
2947 | - Fix RSAref detection | |
2948 | - Fix IN6_IS_ADDR_V4MAPPED macro | |
a8ed9fd9 | 2949 | |
bcf36c78 | 2950 | 20000311 |
2951 | - Detect RSAref | |
43e48848 | 2952 | - OpenBSD CVS change |
2953 | [sshd.c] | |
2954 | - disallow guessing of root password | |
867dbf40 | 2955 | - More configure fixes |
80faa19f | 2956 | - IPv6 workarounds from Hideaki YOSHIFUJI <yoshfuji@ecei.tohoku.ac.jp> |
bcf36c78 | 2957 | |
c8d54615 | 2958 | 20000309 |
2959 | - OpenBSD CVS updates to v1.2.3 | |
704b1659 | 2960 | [ssh.h atomicio.c] |
2961 | - int atomicio -> ssize_t (for alpha). ok deraadt@ | |
2962 | [auth-rsa.c] | |
2963 | - delay MD5 computation until client sends response, free() early, cleanup. | |
2964 | [cipher.c] | |
2965 | - void* -> unsigned char*, ok niels@ | |
2966 | [hostfile.c] | |
2967 | - remove unused variable 'len'. fix comments. | |
2968 | - remove unused variable | |
2969 | [log-client.c log-server.c] | |
2970 | - rename a cpp symbol, to avoid param.h collision | |
2971 | [packet.c] | |
2972 | - missing xfree() | |
2973 | - getsockname() requires initialized tolen; andy@guildsoftware.com | |
2974 | - use getpeername() in packet_connection_is_on_socket(), fixes sshd -i; | |
2975 | from Holger.Trapp@Informatik.TU-Chemnitz.DE | |
2976 | [pty.c pty.h] | |
bcbf86ec | 2977 | - register cleanup for pty earlier. move code for pty-owner handling to |
c8d54615 | 2978 | pty.c ok provos@, dugsong@ |
704b1659 | 2979 | [readconf.c] |
2980 | - turn off x11-fwd for the client, too. | |
2981 | [rsa.c] | |
2982 | - PKCS#1 padding | |
2983 | [scp.c] | |
2984 | - allow '.' in usernames; from jedgar@fxp.org | |
2985 | [servconf.c] | |
2986 | - typo: ignore_user_known_hosts int->flag; naddy@mips.rhein-neckar.de | |
2987 | - sync with sshd_config | |
2988 | [ssh-keygen.c] | |
2989 | - enable ssh-keygen -l -f ~/.ssh/known_hosts, ok deraadt@ | |
2990 | [ssh.1] | |
2991 | - Change invalid 'CHAT' loglevel to 'VERBOSE' | |
2992 | [ssh.c] | |
2993 | - suppress AAAA query host when '-4' is used; from shin@nd.net.fujitsu.co.jp | |
2994 | - turn off x11-fwd for the client, too. | |
2995 | [sshconnect.c] | |
2996 | - missing xfree() | |
2997 | - retry rresvport_af(), too. from sumikawa@ebina.hitachi.co.jp. | |
2998 | - read error vs. "Connection closed by remote host" | |
2999 | [sshd.8] | |
3000 | - ie. -> i.e., | |
3001 | - do not link to a commercial page.. | |
3002 | - sync with sshd_config | |
3003 | [sshd.c] | |
3004 | - no need for poll.h; from bright@wintelcom.net | |
3005 | - log with level log() not fatal() if peer behaves badly. | |
3006 | - don't panic if client behaves strange. ok deraadt@ | |
3007 | - make no-port-forwarding for RSA keys deny both -L and -R style fwding | |
3008 | - delay close() of pty until the pty has been chowned back to root | |
3009 | - oops, fix comment, too. | |
3010 | - missing xfree() | |
3011 | - move XAUTHORITY to subdir. ok dugsong@. fixes debian bug #57907, too. | |
3012 | (http://cgi.debian.org/cgi-bin/bugreport.cgi?archive=no&bug=57907) | |
bcbf86ec | 3013 | - register cleanup for pty earlier. move code for pty-owner handling to |
704b1659 | 3014 | pty.c ok provos@, dugsong@ |
3015 | - create x11 cookie file | |
3016 | - fix pr 1113, fclose() -> pclose(), todo: remote popen() | |
3017 | - version 1.2.3 | |
c8d54615 | 3018 | - Cleaned up |
bcbf86ec | 3019 | - Removed warning workaround for Linux and devpts filesystems (no longer |
d8223847 | 3020 | required after OpenBSD updates) |
c8d54615 | 3021 | |
07055445 | 3022 | 20000308 |
3023 | - Configure fix from Hiroshi Takekawa <takekawa@sr3.t.u-tokyo.ac.jp> | |
3024 | ||
3025 | 20000307 | |
3026 | - Released 1.2.2p1 | |
3027 | ||
9c8c3fc6 | 3028 | 20000305 |
3029 | - Fix DEC compile fix | |
54096dcc | 3030 | - Explicitly seed OpenSSL's PRNG before checking rsa_alive() |
aa6bd60a | 3031 | - Check for getpagesize in libucb.a if not found in libc. Fix for old |
3032 | Solaris from Andre Lucas <andre.lucas@dial.pipex.com> | |
bcbf86ec | 3033 | - Check for libwrap if --with-tcp-wrappers option specified. Suggestion |
9fc7867e | 3034 | Mate Wierdl <mw@moni.msci.memphis.edu> |
9c8c3fc6 | 3035 | |
6bf4d066 | 3036 | 20000303 |
3037 | - Added "make host-key" target, Suggestion from Dominik Brettnacher | |
3038 | <domi@saargate.de> | |
bcbf86ec | 3039 | - Don't permanently fail on bind() if getaddrinfo has more choices left for |
16218745 | 3040 | us. Needed to work around messy IPv6 on Linux. Patch from Arkadiusz |
3041 | Miskiewicz <misiek@pld.org.pl> | |
22fa590f | 3042 | - DEC Unix compile fix from David Del Piero <David.DelPiero@qed.qld.gov.au> |
3043 | - Manpage fix from David Del Piero <David.DelPiero@qed.qld.gov.au> | |
6bf4d066 | 3044 | |
a0391976 | 3045 | 20000302 |
3046 | - Big cleanup of autoconf code | |
3047 | - Rearranged to be a little more logical | |
3048 | - Added -R option for Solaris | |
3049 | - Rewrote OpenSSL detection code. Now uses AC_TRY_RUN with a test program | |
3050 | to detect library and header location _and_ ensure library has proper | |
3051 | RSA support built in (this is a problem with OpenSSL 0.9.5). | |
817175bc | 3052 | - Applied pty cleanup patch from markus.friedl@informatik.uni-erlangen.de |
0a1718dc | 3053 | - Avoid warning message with Unix98 ptys |
bcbf86ec | 3054 | - Warning was valid - possible race condition on PTYs. Avoided using |
3276571c | 3055 | platform-specific code. |
3056 | - Document some common problems | |
bcbf86ec | 3057 | - Allow root access to any key. Patch from |
81eef326 | 3058 | markus.friedl@informatik.uni-erlangen.de |
a0391976 | 3059 | |
f55afe71 | 3060 | 20000207 |
3061 | - Removed SOCKS code. Will support through a ProxyCommand. | |
3062 | ||
d07d1c58 | 3063 | 20000203 |
3064 | - Fixed SEGVs in authloop, fix from vbzoli@hbrt.hu | |
d581b7ae | 3065 | - Add --with-ssl-dir option |
d07d1c58 | 3066 | |
9d5f374b | 3067 | 20000202 |
bcbf86ec | 3068 | - Fix lastlog code for directory based lastlogs. Fix from Josh Durham |
9d5f374b | 3069 | <jmd@aoe.vt.edu> |
6b1f3fdb | 3070 | - Documentation fixes from HARUYAMA Seigo <haruyama@nt.phys.s.u-tokyo.ac.jp> |
bcbf86ec | 3071 | - Added URLs to Japanese translations of documents by HARUYAMA Seigo |
6b1f3fdb | 3072 | <haruyama@nt.phys.s.u-tokyo.ac.jp> |
9d5f374b | 3073 | |
bc8c2601 | 3074 | 20000201 |
3075 | - Use socket pairs by default (instead of pipes). Prevents race condition | |
3076 | on several (buggy) OSs. Report and fix from tridge@linuxcare.com | |
3077 | ||
69c76614 | 3078 | 20000127 |
3079 | - Seed OpenSSL's random number generator before generating RSA keypairs | |
3080 | - Split random collector into seperate file | |
aaf2abd7 | 3081 | - Compile fix from Andre Lucas <andre.lucas@dial.pipex.com> |
69c76614 | 3082 | |
f9507c24 | 3083 | 20000126 |
3084 | - Released 1.2.2 stable | |
3085 | ||
bcbf86ec | 3086 | - NeXT keeps it lastlog in /usr/adm. Report from |
f9507c24 | 3087 | mouring@newton.pconline.com |
bcbf86ec | 3088 | - Added note in UPGRADING re interop with commercial SSH using idea. |
986a22ec | 3089 | Report from Jim Knoble <jmknoble@jmknoble.cx> |
587120ad | 3090 | - Fix linking order for Kerberos/AFS. Fix from Holget Trapp |
3091 | <Holger.Trapp@Informatik.TU-Chemnitz.DE> | |
f9507c24 | 3092 | |
bfae20ad | 3093 | 20000125 |
bcbf86ec | 3094 | - Fix NULL pointer dereference in login.c. Fix from Andre Lucas |
bfae20ad | 3095 | <andre.lucas@dial.pipex.com> |
07b0cb78 | 3096 | - Reorder PAM initialisation so it does not mess up lastlog. Reported |
3097 | by Andre Lucas <andre.lucas@dial.pipex.com> | |
bcbf86ec | 3098 | - Use preformatted manpages on SCO, report from Gary E. Miller |
9755cbdb | 3099 | <gem@rellim.com> |
3100 | - New URL for x11-ssh-askpass. | |
bcbf86ec | 3101 | - Fixpaths was missing /etc/ssh_known_hosts. Report from Jim Knoble |
986a22ec | 3102 | <jmknoble@jmknoble.cx> |
bcbf86ec | 3103 | - Added 'DESTDIR' option to Makefile to ease package building. Patch from |
986a22ec | 3104 | Jim Knoble <jmknoble@jmknoble.cx> |
ff8ecdb8 | 3105 | - Updated RPM spec files to use DESTDIR |
bfae20ad | 3106 | |
bb58aa4b | 3107 | 20000124 |
3108 | - Pick up version 1.2.2 from OpenBSD CVS (no changes, just version number | |
3109 | increment) | |
3110 | ||
d45317d8 | 3111 | 20000123 |
3112 | - OpenBSD CVS: | |
3113 | - [packet.c] | |
3114 | getsockname() requires initialized tolen; andy@guildsoftware.com | |
bcbf86ec | 3115 | - AIX patch from Matt Richards <v2matt@btv.ibm.com> and David Rankin |
4c40f834 | 3116 | <drankin@bohemians.lexington.ky.us> |
12aa90af | 3117 | - Fix lastlog support, patch from Andre Lucas <andre.lucas@dial.pipex.com> |
d45317d8 | 3118 | |
e844f761 | 3119 | 20000122 |
3120 | - Fix compilation of bsd-snprintf.c on Solaris, fix from Ben Taylor | |
3121 | <bent@clark.net> | |
c54a6257 | 3122 | - Merge preformatted manpage patch from Andre Lucas |
3123 | <andre.lucas@dial.pipex.com> | |
8eb34e02 | 3124 | - Make IPv4 use the default in RPM packages |
3125 | - Irix uses preformatted manpages | |
1e64903d | 3126 | - Missing htons() in bsd-bindresvport.c, fix from Holger Trapp |
3127 | <Holger.Trapp@Informatik.TU-Chemnitz.DE> | |
9bc5ddfe | 3128 | - OpenBSD CVS updates: |
3129 | - [packet.c] | |
3130 | use getpeername() in packet_connection_is_on_socket(), fixes sshd -i; | |
3131 | from Holger.Trapp@Informatik.TU-Chemnitz.DE | |
3132 | - [sshd.c] | |
3133 | log with level log() not fatal() if peer behaves badly. | |
3134 | - [readpass.c] | |
bcbf86ec | 3135 | instead of blocking SIGINT, catch it ourselves, so that we can clean |
3136 | the tty modes up and kill ourselves -- instead of our process group | |
61e96248 | 3137 | leader (scp, cvs, ...) going away and leaving us in noecho mode. |
9bc5ddfe | 3138 | people with cbreak shells never even noticed.. |
399d9d44 | 3139 | - [ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh.1 sshd.8] |
3140 | ie. -> i.e., | |
e844f761 | 3141 | |
4c8ef3fb | 3142 | 20000120 |
3143 | - Don't use getaddrinfo on AIX | |
7b2ea3a1 | 3144 | - Update to latest OpenBSD CVS: |
3145 | - [auth-rsa.c] | |
3146 | - fix user/1056, sshd keeps restrictions; dbt@meat.net | |
3147 | - [sshconnect.c] | |
3148 | - disable agent fwding for proto 1.3, remove abuse of auth-rsa flags. | |
3149 | - destroy keys earlier | |
bcbf86ec | 3150 | - split key exchange (kex) and user authentication (user-auth), |
d468fc76 | 3151 | ok: provos@ |
7b2ea3a1 | 3152 | - [sshd.c] |
3153 | - no need for poll.h; from bright@wintelcom.net | |
3154 | - disable agent fwding for proto 1.3, remove abuse of auth-rsa flags. | |
bcbf86ec | 3155 | - split key exchange (kex) and user authentication (user-auth), |
d468fc76 | 3156 | ok: provos@ |
f3bba493 | 3157 | - Big manpage and config file cleanup from Andre Lucas |
3158 | <andre.lucas@dial.pipex.com> | |
5f4fdfae | 3159 | - Re-added latest (unmodified) OpenBSD manpages |
47f9a56a | 3160 | - Doc updates |
d468fc76 | 3161 | - NetBSD patch from David Rankin <drankin@bohemians.lexington.ky.us> and |
3162 | Christos Zoulas <christos@netbsd.org> | |
4c8ef3fb | 3163 | |
082bbfb3 | 3164 | 20000119 |
20af321f | 3165 | - SCO compile fixes from Gary E. Miller <gem@rellim.com> |
082bbfb3 | 3166 | - Compile fix from Darren_Hall@progressive.com |
59e76f33 | 3167 | - Linux/glibc-2.1.2 takes a *long* time to look up names for AF_UNSPEC |
3168 | addresses using getaddrinfo(). Added a configure switch to make the | |
3169 | default lookup mode AF_INET | |
082bbfb3 | 3170 | |
a63a7f37 | 3171 | 20000118 |
3172 | - Fixed --with-pid-dir option | |
51a6baf8 | 3173 | - Makefile fix from Gary E. Miller <gem@rellim.com> |
61e96248 | 3174 | - Compile fix for HPUX and Solaris from Andre Lucas |
976f7e19 | 3175 | <andre.lucas@dial.pipex.com> |
a63a7f37 | 3176 | |
f914c7fb | 3177 | 20000117 |
3178 | - Clean up bsd-bindresvport.c. Use arc4random() for picking initial | |
3179 | port, ignore EINVAL errors (Linux) when searching for free port. | |
bcbf86ec | 3180 | - Revert __snprintf -> snprintf aliasing. Apparently Solaris |
de93b046 | 3181 | __snprintf isn't. Report from Theo de Raadt <theo@cvs.openbsd.org> |
9b363e1c | 3182 | - Document location of Redhat PAM file in INSTALL. |
bcbf86ec | 3183 | - Fixed X11 forwarding bug on Linux. libc advertises AF_INET6 |
3184 | INADDR_ANY_INIT addresses via getaddrinfo, but may not be able to | |
f4a7cf29 | 3185 | deliver (no IPv6 kernel support) |
80a44451 | 3186 | - Released 1.2.1pre27 |
f914c7fb | 3187 | |
f4a7cf29 | 3188 | - Fix rresvport_af failure errors (logic error in bsd-bindresvport.c) |
bcbf86ec | 3189 | - Fix --with-ipaddr-display option test. Fix from Jarno Huuskonen |
cf8ad170 | 3190 | <jhuuskon@hytti.uku.fi> |
bcbf86ec | 3191 | - Fix hang on logout if processes are still using the pty. Needs |
691a8a9f | 3192 | further testing. |
5957fd29 | 3193 | - Patch from Christos Zoulas <christos@zoulas.com> |
3194 | - Try $prefix first when looking for OpenSSL. | |
3195 | - Include sys/types.h when including sys/socket.h in test programs | |
bcbf86ec | 3196 | - Substitute PID directory in sshd.8. Suggestion from Andrew |
19d9ac2a | 3197 | Stribblehill <a.d.stribblehill@durham.ac.uk> |
f4a7cf29 | 3198 | |
47e45e44 | 3199 | 20000116 |
3200 | - Renamed --with-xauth-path to --with-xauth | |
3201 | - Added --with-pid-dir option | |
3202 | - Released 1.2.1pre26 | |
3203 | ||
a82ef8ae | 3204 | - Compilation fix from Kiyokazu SUTO <suto@ks-and-ks.ne.jp> |
bcbf86ec | 3205 | - Fixed broken bugfix for /dev/ptmx on Linux systems which lack |
66be05a1 | 3206 | openpty(). Report from Kiyokazu SUTO <suto@ks-and-ks.ne.jp> |
a82ef8ae | 3207 | |
5cdfe03f | 3208 | 20000115 |
3209 | - Add --with-xauth-path configure directive and explicit test for | |
bcbf86ec | 3210 | /usr/openwin/bin/xauth for Solaris systems. Report from Anders |
5cdfe03f | 3211 | Nordby <anders@fix.no> |
bcbf86ec | 3212 | - Fix incorrect detection of /dev/ptmx on Linux systems that lack |
5cdfe03f | 3213 | openpty. Report from John Seifarth <john@waw.be> |
3214 | - Look for intXX_t and u_intXX_t in sys/bitypes.h if they are not in | |
bcbf86ec | 3215 | sys/types.h. Fixes problems on SCO, report from Gary E. Miller |
5cdfe03f | 3216 | <gem@rellim.com> |
3217 | - Use __snprintf and __vnsprintf if they are found where snprintf and | |
3218 | vnsprintf are lacking. Suggested by Ben Taylor <bent@shell.clark.net> | |
3219 | and others. | |
3220 | ||
48e671d5 | 3221 | 20000114 |
3222 | - Merged OpenBSD IPv6 patch: | |
3223 | - [sshd.c sshd.8 sshconnect.c ssh.h ssh.c servconf.h servconf.c scp.1] | |
3224 | [scp.c packet.h packet.c login.c log.c canohost.c channels.c] | |
3225 | [hostfile.c sshd_config] | |
3226 | ipv6 support: mostly gethostbyname->getaddrinfo/getnameinfo, new | |
bcbf86ec | 3227 | features: sshd allows multiple ListenAddress and Port options. note |
3228 | that libwrap is not IPv6-ready. (based on patches from | |
48e671d5 | 3229 | fujiwara@rcac.tdi.co.jp) |
3230 | - [ssh.c canohost.c] | |
bcbf86ec | 3231 | more hints (hints.ai_socktype=SOCK_STREAM) for getaddrinfo, |
48e671d5 | 3232 | from itojun@ |
3233 | - [channels.c] | |
3234 | listen on _all_ interfaces for X11-Fwd (hints.ai_flags = AI_PASSIVE) | |
3235 | - [packet.h] | |
3236 | allow auth-kerberos for IPv4 only | |
3237 | - [scp.1 sshd.8 servconf.h scp.c] | |
3238 | document -4, -6, and 'ssh -L 2022/::1/22' | |
3239 | - [ssh.c] | |
bcbf86ec | 3240 | 'ssh @host' is illegal (null user name), from |
48e671d5 | 3241 | karsten@gedankenpolizei.de |
3242 | - [sshconnect.c] | |
3243 | better error message | |
3244 | - [sshd.c] | |
3245 | allow auth-kerberos for IPv4 only | |
3246 | - Big IPv6 merge: | |
3247 | - Cleanup overrun in sockaddr copying on RHL 6.1 | |
3248 | - Replacements for getaddrinfo, getnameinfo, etc based on versions | |
3249 | from patch from KIKUCHI Takahiro <kick@kyoto.wide.ad.jp> | |
3250 | - Replacement for missing structures on systems that lack IPv6 | |
3251 | - record_login needed to know about AF_INET6 addresses | |
3252 | - Borrowed more code from OpenBSD: rresvport_af and requisites | |
3253 | ||
2598df62 | 3254 | 20000110 |
3255 | - Fixes to auth-skey to enable it to use the standard OpenSSL libraries | |
3256 | ||
b8a0310d | 3257 | 20000107 |
3258 | - New config.sub and config.guess to fix problems on SCO. Supplied | |
3259 | by Gary E. Miller <gem@rellim.com> | |
b6a98a85 | 3260 | - SCO build fix from Gary E. Miller <gem@rellim.com> |
2598df62 | 3261 | - Released 1.2.1pre25 |
b8a0310d | 3262 | |
dfb95100 | 3263 | 20000106 |
3264 | - Documentation update & cleanup | |
3265 | - Better KrbIV / AFS detection, based on patch from: | |
3266 | Holger Trapp <Holger.Trapp@Informatik.TU-Chemnitz.DE> | |
3267 | ||
b9795b89 | 3268 | 20000105 |
bcbf86ec | 3269 | - Fixed annoying DES corruption problem. libcrypt has been |
b9795b89 | 3270 | overriding symbols in libcrypto. Removed libcrypt and crypt.h |
3271 | altogether (libcrypto includes its own crypt(1) replacement) | |
3272 | - Added platform-specific rules for Irix 6.x. Included warning that | |
3273 | they are untested. | |
3274 | ||
a1ec4d79 | 3275 | 20000103 |
3276 | - Add explicit make rules for files proccessed by fixpaths. | |
61e96248 | 3277 | - Fix "make install" in RPM spec files. Report from Tenkou N. Hattori |
a1ec4d79 | 3278 | <tnh@kondara.org> |
bcbf86ec | 3279 | - Removed "nullok" directive from default PAM configuration files. |
3280 | Added information on enabling EmptyPasswords on openssh+PAM in | |
607d73e6 | 3281 | UPGRADING file. |
e02735bb | 3282 | - OpenBSD CVS updates |
3283 | - [ssh-agent.c] | |
bcbf86ec | 3284 | cleanup_exit() for SIGTERM/SIGHUP, too. from fgsch@ and |
e02735bb | 3285 | dgaudet@arctic.org |
3286 | - [sshconnect.c] | |
3287 | compare correct version for 1.3 compat mode | |
a1ec4d79 | 3288 | |
93c7f644 | 3289 | 20000102 |
3290 | - Prevent multiple inclusion of config.h and defines.h. Suggested | |
3291 | by Andre Lucas <andre.lucas@dial.pipex.com> | |
3292 | - Properly clean up on exit of ssh-agent. Patch from Dean Gaudet | |
3293 | <dgaudet@arctic.org> | |
3294 | ||
76b8607f | 3295 | 19991231 |
bcbf86ec | 3296 | - Fix password support on systems with a mixture of shadowed and |
3297 | non-shadowed passwords (e.g. NIS). Report and fix from | |
76b8607f | 3298 | HARUYAMA Seigo <haruyama@nt.phys.s.u-tokyo.ac.jp> |
bcbf86ec | 3299 | - Fix broken autoconf typedef detection. Report from Marc G. |
723221b5 | 3300 | Fournier <marc.fournier@acadiau.ca> |
b92964b7 | 3301 | - Fix occasional crash on LinuxPPC. Patch from Franz Sirl |
3302 | <Franz.Sirl-kernel@lauterbach.com> | |
bcbf86ec | 3303 | - Prevent typedefs from being compiled more than once. Report from |
a6ddc88b | 3304 | Marc G. Fournier <marc.fournier@acadiau.ca> |
4811cc0b | 3305 | - Fill in ut_utaddr utmp field. Report from Benjamin Charron |
3306 | <iretd@bigfoot.com> | |
bcbf86ec | 3307 | - Really fix broken default path. Fix from Jim Knoble |
986a22ec | 3308 | <jmknoble@jmknoble.cx> |
ae3a3d31 | 3309 | - Remove test for quad_t. No longer needed. |
76a8e733 | 3310 | - Released 1.2.1pre24 |
3311 | ||
3312 | - Added support for directory-based lastlogs | |
3313 | - Really fix typedefs, patch from Ben Taylor <bent@clark.net> | |
76b8607f | 3314 | |
13f825f4 | 3315 | 19991230 |
3316 | - OpenBSD CVS updates: | |
3317 | - [auth-passwd.c] | |
3318 | check for NULL 1st | |
bcbf86ec | 3319 | - Removed most of the pam code into its own file auth-pam.[ch]. This |
a5c9cd31 | 3320 | cleaned up sshd.c up significantly. |
bcbf86ec | 3321 | - PAM authentication was incorrectly interpreting |
76b8607f | 3322 | "PermitRootLogin without-password". Report from Matthias Andree |
3323 | <ma@dt.e-technik.uni-dortmund.de | |
a5c9cd31 | 3324 | - Several other cleanups |
0bc5b6fb | 3325 | - Merged Dante SOCKS support patch from David Rankin |
3326 | <drankin@bohemians.lexington.ky.us> | |
3327 | - Updated documentation with ./configure options | |
76b8607f | 3328 | - Released 1.2.1pre23 |
13f825f4 | 3329 | |
c73a0cb5 | 3330 | 19991229 |
bcbf86ec | 3331 | - Applied another NetBSD portability patch from David Rankin |
c73a0cb5 | 3332 | <drankin@bohemians.lexington.ky.us> |
3333 | - Fix --with-default-path option. | |
bcbf86ec | 3334 | - Autodetect perl, patch from David Rankin |
a0f84251 | 3335 | <drankin@bohemians.lexington.ky.us> |
bcbf86ec | 3336 | - Print whether OpenSSH was compiled with RSARef, patch from |
0a2ff95d | 3337 | Nalin Dahyabhai <nalin@thermo.stat.ncsu.edu> |
bcbf86ec | 3338 | - Calls to pam_setcred, patch from Nalin Dahyabhai |
f91bacbd | 3339 | <nalin@thermo.stat.ncsu.edu> |
e3a93db0 | 3340 | - Detect missing size_t and typedef it. |
5ab44a92 | 3341 | - Rename helper.[ch] to (more appropriate) bsd-misc.[ch] |
3342 | - Minor Makefile cleaning | |
c73a0cb5 | 3343 | |
b6019d68 | 3344 | 19991228 |
3345 | - Replacement for getpagesize() for systems which lack it | |
bcbf86ec | 3346 | - NetBSD login.c compile fix from David Rankin |
70e0115b | 3347 | <drankin@bohemians.lexington.ky.us> |
3348 | - Fully set ut_tv if present in utmp or utmpx | |
d94aa2ae | 3349 | - Portability fixes for Irix 5.3 (now compiles OK!) |
3350 | - autoconf and other misc cleanups | |
ea1970a3 | 3351 | - Merged AIX patch from Darren Hall <dhall@virage.org> |
3352 | - Cleaned up defines.h | |
fa9a2dd6 | 3353 | - Released 1.2.1pre22 |
b6019d68 | 3354 | |
d2dcff5f | 3355 | 19991227 |
3356 | - Automatically correct paths in manpages and configuration files. Patch | |
3357 | and script from Andre Lucas <andre.lucas@dial.pipex.com> | |
3358 | - Removed credits from README to CREDITS file, updated. | |
cb807f40 | 3359 | - Added --with-default-path to specify custom path for server |
3360 | - Removed #ifdef trickery from acconfig.h into defines.h | |
36a5b38e | 3361 | - PAM bugfix. PermitEmptyPassword was being ignored. |
3362 | - Fixed PAM config files to allow empty passwords if server does. | |
3363 | - Explained spurious PAM auth warning workaround in UPGRADING | |
21feb5fa | 3364 | - Use last few chars of tty line as ut_id |
5a7794be | 3365 | - New SuSE RPM spec file from Chris Saia <csaia@wtower.com> |
00e6dd70 | 3366 | - OpenBSD CVS updates: |
3367 | - [packet.h auth-rhosts.c] | |
3368 | check format string for packet_disconnect and packet_send_debug, too | |
3369 | - [channels.c] | |
3370 | use packet_get_maxsize for channels. consistence. | |
d2dcff5f | 3371 | |
f74efc8d | 3372 | 19991226 |
3373 | - Enabled utmpx support by default for Solaris | |
3374 | - Cleanup sshd.c PAM a little more | |
986a22ec | 3375 | - Revised RPM package to include Jim Knoble's <jmknoble@jmknoble.cx> |
bc7ea646 | 3376 | X11 ssh-askpass program. |
20c43d8c | 3377 | - Disable logging of PAM success and failures, PAM is verbose enough. |
bcbf86ec | 3378 | Unfortunatly there is currently no way to disable auth failure |
3379 | messages. Mention this in UPGRADING file and sent message to PAM | |
20c43d8c | 3380 | developers |
83b7f649 | 3381 | - OpenBSD CVS update: |
3382 | - [ssh-keygen.1 ssh.1] | |
bcbf86ec | 3383 | remove ref to .ssh/random_seed, mention .ssh/environment in |
83b7f649 | 3384 | .Sh FILES, too |
72251cb6 | 3385 | - Released 1.2.1pre21 |
bcbf86ec | 3386 | - Fixed implicit '.' in default path, report from Jim Knoble |
986a22ec | 3387 | <jmknoble@jmknoble.cx> |
3388 | - Redhat RPM spec fixes from Jim Knoble <jmknoble@jmknoble.cx> | |
f74efc8d | 3389 | |
f498ed15 | 3390 | 19991225 |
3391 | - More fixes from Andre Lucas <andre.lucas@dial.pipex.com> | |
3392 | - Cleanup of auth-passwd.c for shadow and MD5 passwords | |
3393 | - Cleanup and bugfix of PAM authentication code | |
f74efc8d | 3394 | - Released 1.2.1pre20 |
3395 | ||
3396 | - Merged fixes from Ben Taylor <bent@clark.net> | |
3397 | - Fixed configure support for PAM. Reported by Naz <96na@eng.cam.ac.uk> | |
3398 | - Disabled logging of PAM password authentication failures when password | |
3399 | is empty. (e.g start of authentication loop). Reported by Naz | |
3400 | <96na@eng.cam.ac.uk>) | |
f498ed15 | 3401 | |
3402 | 19991223 | |
bcbf86ec | 3403 | - Merged later HPUX patch from Andre Lucas |
f498ed15 | 3404 | <andre.lucas@dial.pipex.com> |
3405 | - Above patch included better utmpx support from Ben Taylor | |
f74efc8d | 3406 | <bent@clark.net> |
f498ed15 | 3407 | |
eef6f7e9 | 3408 | 19991222 |
bcbf86ec | 3409 | - Fix undefined fd_set type in ssh.h from Povl H. Pedersen |
eef6f7e9 | 3410 | <pope@netguide.dk> |
ae28776a | 3411 | - Fix login.c breakage on systems which lack ut_host in struct |
3412 | utmp. Reported by Willard Dawson <willard.dawson@sbs.siemens.com> | |
eef6f7e9 | 3413 | |
a7effaac | 3414 | 19991221 |
bcbf86ec | 3415 | - Integration of large HPUX patch from Andre Lucas |
3416 | <andre.lucas@dial.pipex.com>. Integrating it had a few other | |
a7effaac | 3417 | benefits: |
3418 | - Ability to disable shadow passwords at configure time | |
3419 | - Ability to disable lastlog support at configure time | |
3420 | - Support for IP address in $DISPLAY | |
ae2f7af7 | 3421 | - OpenBSD CVS update: |
3422 | - [sshconnect.c] | |
3423 | say "REMOTE HOST IDENTIFICATION HAS CHANGED" | |
59dd7a31 | 3424 | - Fix DISABLE_SHADOW support |
3425 | - Allow MD5 passwords even if shadow passwords are disabled | |
16034de9 | 3426 | - Release 1.2.1pre19 |
a7effaac | 3427 | |
3f1d9bcd | 3428 | 19991218 |
bcbf86ec | 3429 | - Redhat init script patch from Chun-Chung Chen |
3f1d9bcd | 3430 | <cjj@u.washington.edu> |
7e1c2490 | 3431 | - Avoid breakage on systems without IPv6 headers |
3f1d9bcd | 3432 | |
60d804c8 | 3433 | 19991216 |
bcbf86ec | 3434 | - Makefile changes for Solaris from Peter Kocks |
60d804c8 | 3435 | <peter.kocks@baygate.com> |
89cafde6 | 3436 | - Minor updates to docs |
3437 | - Merged OpenBSD CVS changes: | |
3438 | - [authfd.c ssh-agent.c] | |
3439 | keysize warnings talk about identity files | |
3440 | - [packet.c] | |
3441 | "Connection closed by x.x.x.x": fatal() -> log() | |
bcbf86ec | 3442 | - Correctly handle empty passwords in shadow file. Patch from: |
c9d323f0 | 3443 | "Chris, the Young One" <cky@pobox.com> |
3444 | - Released 1.2.1pre18 | |
60d804c8 | 3445 | |
7dc6fc6d | 3446 | 19991215 |
3447 | - Integrated patchs from Juergen Keil <jk@tools.de> | |
3448 | - Avoid void* pointer arithmatic | |
3449 | - Use LDFLAGS correctly | |
68227e6d | 3450 | - Fix SIGIO error in scp |
3451 | - Simplify status line printing in scp | |
61e96248 | 3452 | - Added better test for inline functions compiler support from |
906a2515 | 3453 | Darren_Hall@progressive.com |
7dc6fc6d | 3454 | |
95f1eccc | 3455 | 19991214 |
3456 | - OpenBSD CVS Changes | |
3457 | - [canohost.c] | |
bcbf86ec | 3458 | fix get_remote_port() and friends for sshd -i; |
95f1eccc | 3459 | Holger.Trapp@Informatik.TU-Chemnitz.DE |
3460 | - [mpaux.c] | |
3461 | make code simpler. no need for memcpy. niels@ ok | |
3462 | - [pty.c] | |
3463 | namebuflen not sizeof namebuflen; bnd@ep-ag.com via djm@mindrot.org | |
3464 | fix proto; markus | |
3465 | - [ssh.1] | |
3466 | typo; mark.baushke@solipsa.com | |
3467 | - [channels.c ssh.c ssh.h sshd.c] | |
3468 | type conflict for 'extern Type *options' in channels.c; dot@dotat.at | |
3469 | - [sshconnect.c] | |
3470 | move checking of hostkey into own function. | |
3471 | - [version.h] | |
3472 | OpenSSH-1.2.1 | |
884bcb37 | 3473 | - Clean up broken includes in pty.c |
7303768f | 3474 | - Some older systems don't have poll.h, they use sys/poll.h instead |
3475 | - Doc updates | |
95f1eccc | 3476 | |
847e8865 | 3477 | 19991211 |
bcbf86ec | 3478 | - Fix compilation on systems with AFS. Reported by |
847e8865 | 3479 | aloomis@glue.umd.edu |
bcbf86ec | 3480 | - Fix installation on Solaris. Reported by |
847e8865 | 3481 | Gordon Rowell <gordonr@gormand.com.au> |
3482 | - Fix gccisms (__attribute__ and inline). Report by edgy@us.ibm.com, | |
3483 | patch from Markus Friedl <markus.friedl@informatik.uni-erlangen.de> | |
3484 | - Auto-locate xauth. Patch from David Agraz <dagraz@jahoopa.com> | |
3485 | - Compile fix from David Agraz <dagraz@jahoopa.com> | |
3486 | - Avoid compiler warning in bsd-snprintf.c | |
bcbf86ec | 3487 | - Added pam_limits.so to default PAM config. Suggested by |
986a22ec | 3488 | Jim Knoble <jmknoble@jmknoble.cx> |
847e8865 | 3489 | |
8946db53 | 3490 | 19991209 |
3491 | - Import of patch from Ben Taylor <bent@clark.net>: | |
3492 | - Improved PAM support | |
3493 | - "uninstall" rule for Makefile | |
3494 | - utmpx support | |
3495 | - Should fix PAM problems on Solaris | |
2d86a6cc | 3496 | - OpenBSD CVS updates: |
3497 | - [readpass.c] | |
3498 | avoid stdio; based on work by markus, millert, and I | |
3499 | - [sshd.c] | |
3500 | make sure the client selects a supported cipher | |
3501 | - [sshd.c] | |
bcbf86ec | 3502 | fix sighup handling. accept would just restart and daemon handled |
3503 | sighup only after the next connection was accepted. use poll on | |
2d86a6cc | 3504 | listen sock now. |
3505 | - [sshd.c] | |
3506 | make that a fatal | |
87e91331 | 3507 | - Applied patch from David Rankin <drankin@bohemians.lexington.ky.us> |
3508 | to fix libwrap support on NetBSD | |
5001b9e4 | 3509 | - Released 1.2pre17 |
8946db53 | 3510 | |
6d8c4ea4 | 3511 | 19991208 |
bcbf86ec | 3512 | - Compile fix for Solaris with /dev/ptmx from |
6d8c4ea4 | 3513 | David Agraz <dagraz@jahoopa.com> |
3514 | ||
4285816a | 3515 | 19991207 |
986a22ec | 3516 | - sshd Redhat init script patch from Jim Knoble <jmknoble@jmknoble.cx> |
4285816a | 3517 | fixes compatability with 4.x and 5.x |
db28aeb5 | 3518 | - Fixed default SSH_ASKPASS |
bcbf86ec | 3519 | - Fix PAM account and session being called multiple times. Problem |
d465f2ca | 3520 | reported by Adrian Baugh <adrian@merlin.keble.ox.ac.uk> |
a408af76 | 3521 | - Merged more OpenBSD changes: |
3522 | - [atomicio.c authfd.c scp.c serverloop.c ssh.h sshconnect.c sshd.c] | |
bcbf86ec | 3523 | move atomicio into it's own file. wrap all socket write()s which |
a408af76 | 3524 | were doing write(sock, buf, len) != len, with atomicio() calls. |
3525 | - [auth-skey.c] | |
3526 | fd leak | |
3527 | - [authfile.c] | |
3528 | properly name fd variable | |
3529 | - [channels.c] | |
3530 | display great hatred towards strcpy | |
3531 | - [pty.c pty.h sshd.c] | |
3532 | use openpty() if it exists (it does on BSD4_4) | |
3533 | - [tildexpand.c] | |
3534 | check for ~ expansion past MAXPATHLEN | |
3535 | - Modified helper.c to use new atomicio function. | |
3536 | - Reformat Makefile a little | |
3537 | - Moved RC4 routines from rc4.[ch] into helper.c | |
3538 | - Added autoconf code to detect /dev/ptmx (Solaris) and /dev/ptc (AIX) | |
9983a8ca | 3539 | - Updated SuSE spec from Chris Saia <csaia@wtower.com> |
3540 | - Tweaked Redhat spec | |
9158d92f | 3541 | - Clean up bad imports of a few files (forgot -kb) |
3542 | - Released 1.2pre16 | |
4285816a | 3543 | |
9c7b6dfd | 3544 | 19991204 |
3545 | - Small cleanup of PAM code in sshd.c | |
57112b5a | 3546 | - Merged OpenBSD CVS changes: |
3547 | - [auth-krb4.c auth-passwd.c auth-skey.c ssh.h] | |
3548 | move skey-auth from auth-passwd.c to auth-skey.c, same for krb4 | |
3549 | - [auth-rsa.c] | |
3550 | warn only about mismatch if key is _used_ | |
3551 | warn about keysize-mismatch with log() not error() | |
3552 | channels.c readconf.c readconf.h ssh.c ssh.h sshconnect.c | |
3553 | ports are u_short | |
3554 | - [hostfile.c] | |
3555 | indent, shorter warning | |
3556 | - [nchan.c] | |
3557 | use error() for internal errors | |
3558 | - [packet.c] | |
3559 | set loglevel for SSH_MSG_DISCONNECT to log(), not fatal() | |
3560 | serverloop.c | |
3561 | indent | |
3562 | - [ssh-add.1 ssh-add.c ssh.h] | |
3563 | document $SSH_ASKPASS, reasonable default | |
3564 | - [ssh.1] | |
3565 | CheckHostIP is not available for connects via proxy command | |
3566 | - [sshconnect.c] | |
3567 | typo | |
3568 | easier to read client code for passwd and skey auth | |
3569 | turn of checkhostip for proxy connects, since we don't know the remote ip | |
9c7b6dfd | 3570 | |
dad3b556 | 3571 | 19991126 |
3572 | - Add definition for __P() | |
3573 | - Added [v]snprintf() replacement for systems that lack it | |
3574 | ||
0ce43ae4 | 3575 | 19991125 |
3576 | - More reformatting merged from OpenBSD CVS | |
3577 | - Merged OpenBSD CVS changes: | |
3578 | - [channels.c] | |
3579 | fix packet_integrity_check() for !have_hostname_in_open. | |
3580 | report from mrwizard@psu.edu via djm@ibs.com.au | |
3581 | - [channels.c] | |
3582 | set SO_REUSEADDR and SO_LINGER for forwarded ports. | |
3583 | chip@valinux.com via damien@ibs.com.au | |
3584 | - [nchan.c] | |
3585 | it's not an error() if shutdown_write failes in nchan. | |
3586 | - [readconf.c] | |
3587 | remove dead #ifdef-0-code | |
3588 | - [readconf.c servconf.c] | |
3589 | strcasecmp instead of tolower | |
3590 | - [scp.c] | |
3591 | progress meter overflow fix from damien@ibs.com.au | |
3592 | - [ssh-add.1 ssh-add.c] | |
3593 | SSH_ASKPASS support | |
3594 | - [ssh.1 ssh.c] | |
3595 | postpone fork_after_authentication until command execution, | |
3596 | request/patch from jahakala@cc.jyu.fi via damien@ibs.com.au | |
3597 | plus: use daemon() for backgrounding | |
cf8dd513 | 3598 | - Added BSD compatible install program and autoconf test, thanks to |
3599 | Niels Kristian Bech Jensen <nkbj@image.dk> | |
3600 | - Solaris fixing, thanks to Ben Taylor <bent@clark.net> | |
09041313 | 3601 | - Merged beginnings of AIX support from Tor-Ake Fransson <torake@hotmail.com> |
3dbefdb8 | 3602 | - Release 1.2pre15 |
0ce43ae4 | 3603 | |
5260325f | 3604 | 19991124 |
3605 | - Merged very large OpenBSD source code reformat | |
3606 | - OpenBSD CVS updates | |
3607 | - [channels.c cipher.c compat.c log-client.c scp.c serverloop.c] | |
3608 | [ssh.h sshd.8 sshd.c] | |
3609 | syslog changes: | |
3610 | * Unified Logmessage for all auth-types, for success and for failed | |
3611 | * Standard connections get only ONE line in the LOG when level==LOG: | |
3612 | Auth-attempts are logged only, if authentication is: | |
3613 | a) successfull or | |
3614 | b) with passwd or | |
3615 | c) we had more than AUTH_FAIL_LOG failues | |
3616 | * many log() became verbose() | |
3617 | * old behaviour with level=VERBOSE | |
3618 | - [readconf.c readconf.h ssh.1 ssh.h sshconnect.c sshd.c] | |
3619 | tranfer s/key challenge/response data in SSH_SMSG_AUTH_TIS_CHALLENGE | |
3620 | messages. allows use of s/key in windows (ttssh, securecrt) and | |
3621 | ssh-1.2.27 clients without 'ssh -v', ok: niels@ | |
3622 | - [sshd.8] | |
3623 | -V, for fallback to openssh in SSH2 compatibility mode | |
3624 | - [sshd.c] | |
3625 | fix sigchld race; cjc5@po.cwru.edu | |
3626 | ||
4655fe80 | 3627 | 19991123 |
3628 | - Added SuSE package files from Chris Saia <csaia@wtower.com> | |
8b241e50 | 3629 | - Restructured package-related files under packages/* |
4655fe80 | 3630 | - Added generic PAM config |
8b241e50 | 3631 | - Numerous little Solaris fixes |
9c08d6ce | 3632 | - Add recommendation to use GNU make to INSTALL document |
4655fe80 | 3633 | |
60bed5fd | 3634 | 19991122 |
3635 | - Make <enter> close gnome-ssh-askpass (Debian bug #50299) | |
2f2cc3f9 | 3636 | - OpenBSD CVS Changes |
bcbf86ec | 3637 | - [ssh-keygen.c] |
3638 | don't create ~/.ssh only if the user wants to store the private | |
3639 | key there. show fingerprint instead of public-key after | |
2f2cc3f9 | 3640 | keygeneration. ok niels@ |
b09a984b | 3641 | - Added OpenBSD bsd-strlcat.c, created bsd-strlcat.h |
96ad4350 | 3642 | - Added timersub() macro |
b09a984b | 3643 | - Tidy RCSIDs of bsd-*.c |
bcbf86ec | 3644 | - Added autoconf test and macro to deal with old PAM libraries |
96ad4350 | 3645 | pam_strerror definition (one arg vs two). |
530f1889 | 3646 | - Fix EGD problems (Thanks to Ben Taylor <bent@clark.net>) |
bcbf86ec | 3647 | - Retry /dev/urandom reads interrupted by signal (report from |
530f1889 | 3648 | Robert Hardy <rhardy@webcon.net>) |
1647c2b5 | 3649 | - Added a setenv replacement for systems which lack it |
d84a9a44 | 3650 | - Only display public key comment when presenting ssh-askpass dialog |
3651 | - Released 1.2pre14 | |
60bed5fd | 3652 | |
bcbf86ec | 3653 | - Configure, Make and changelog corrections from Tudor Bosman |
2ddcfdf3 | 3654 | <tudorb@jm.nu> and Niels Kristian Bech Jensen <nkbj@image.dk> |
3655 | ||
9d6b7add | 3656 | 19991121 |
2f2cc3f9 | 3657 | - OpenBSD CVS Changes: |
60bed5fd | 3658 | - [channels.c] |
3659 | make this compile, bad markus | |
3660 | - [log.c readconf.c servconf.c ssh.h] | |
3661 | bugfix: loglevels are per host in clientconfig, | |
3662 | factor out common log-level parsing code. | |
3663 | - [servconf.c] | |
3664 | remove unused index (-Wall) | |
3665 | - [ssh-agent.c] | |
3666 | only one 'extern char *__progname' | |
3667 | - [sshd.8] | |
3668 | document SIGHUP, -Q to synopsis | |
3669 | - [sshconnect.c serverloop.c sshd.c packet.c packet.h] | |
3670 | [channels.c clientloop.c] | |
3671 | SSH_CMSG_MAX_PACKET_SIZE, some clients use this, some need this, niels@ | |
3672 | [hope this time my ISP stays alive during commit] | |
3673 | - [OVERVIEW README] typos; green@freebsd | |
3674 | - [ssh-keygen.c] | |
3675 | replace xstrdup+strcat with strlcat+fixed buffer, fixes OF (bad me) | |
3676 | exit if writing the key fails (no infinit loop) | |
3677 | print usage() everytime we get bad options | |
3678 | - [ssh-keygen.c] overflow, djm@mindrot.org | |
3679 | - [sshd.c] fix sigchld race; cjc5@po.cwru.edu | |
61e96248 | 3680 | |
2b942fe0 | 3681 | 19991120 |
bcbf86ec | 3682 | - Merged more Solaris support from Marc G. Fournier |
2b942fe0 | 3683 | <marc.fournier@acadiau.ca> |
3684 | - Wrote autoconf tests for integer bit-types | |
3685 | - Fixed enabling kerberos support | |
bcbf86ec | 3686 | - Fix segfault in ssh-keygen caused by buffer overrun in filename |
13c36c4c | 3687 | handling. |
2b942fe0 | 3688 | |
06479889 | 3689 | 19991119 |
3690 | - Merged PAM buffer overrun patch from Chip Salzenberg <chip@valinux.com> | |
2ad77510 | 3691 | - Merged OpenBSD CVS changes |
3692 | - [auth-rhosts.c auth-rsa.c ssh-agent.c sshconnect.c sshd.c] | |
3693 | more %d vs. %s in fmt-strings | |
3694 | - [authfd.c] | |
3695 | Integers should not be printed with %s | |
7b1cc56c | 3696 | - EGD uses a socket, not a named pipe. Duh. |
3697 | - Fix includes in fingerprint.c | |
29dbde15 | 3698 | - Fix scp progress bar bug again. |
bcbf86ec | 3699 | - Move ssh-askpass from ${libdir}/ssh to ${libexecdir}/ssh at request of |
736890c4 | 3700 | David Rankin <drankin@bohemians.lexington.ky.us> |
91b8065d | 3701 | - Added autoconf option to enable Kerberos 4 support (untested) |
3702 | - Added autoconf option to enable AFS support (untested) | |
3703 | - Added autoconf option to enable S/Key support (untested) | |
3704 | - Added autoconf option to enable TCP wrappers support (compiles OK) | |
beb43d31 | 3705 | - Renamed BSD helper function files to bsd-* |
bcbf86ec | 3706 | - Added tests for login and daemon and enable OpenBSD replacements for |
caf3bc51 | 3707 | when they are absent. |
3708 | - Added non-PAM MD5 password support patch from Tudor Bosman <tudorb@jm.nu> | |
06479889 | 3709 | |
2bd61362 | 3710 | 19991118 |
3711 | - Merged OpenBSD CVS changes | |
3712 | - [scp.c] foregroundproc() in scp | |
3713 | - [sshconnect.h] include fingerprint.h | |
bcbf86ec | 3714 | - [sshd.c] bugfix: the log() for passwd-auth escaped during logging |
2bd61362 | 3715 | changes. |
0c16a097 | 3716 | - [ssh.1] Spell my name right. |
2bd61362 | 3717 | - Added openssh.com info to README |
3718 | ||
f095fcc7 | 3719 | 19991117 |
3720 | - Merged OpenBSD CVS changes | |
3721 | - [ChangeLog.Ylonen] noone needs this anymore | |
3722 | - [authfd.c] close-on-exec for auth-socket, ok deraadt | |
bcbf86ec | 3723 | - [hostfile.c] |
3724 | in known_hosts key lookup the entry for the bits does not need | |
3725 | to match, all the information is contained in n and e. This | |
3726 | solves the problem with buggy servers announcing the wrong | |
f095fcc7 | 3727 | modulus length. markus and me. |
bcbf86ec | 3728 | - [serverloop.c] |
3729 | bugfix: check for space if child has terminated, from: | |
f095fcc7 | 3730 | iedowse@maths.tcd.ie |
3731 | - [ssh-add.1 ssh-add.c ssh-keygen.1 ssh-keygen.c sshconnect.c] | |
3732 | [fingerprint.c fingerprint.h] | |
3733 | rsa key fingerprints, idea from Bjoern Groenvall <bg@sics.se> | |
3734 | - [ssh-agent.1] typo | |
3735 | - [ssh.1] add OpenSSH information to AUTHOR section. okay markus@ | |
bcbf86ec | 3736 | - [sshd.c] |
f095fcc7 | 3737 | force logging to stderr while loading private key file |
3738 | (lost while converting to new log-levels) | |
3739 | ||
4d195447 | 3740 | 19991116 |
3741 | - Fix some Linux libc5 problems reported by Miles Wilson <mw@mctitle.com> | |
3742 | - Merged OpenBSD CVS changes: | |
3743 | - [auth-rh-rsa.c auth-rsa.c authfd.c authfd.h hostfile.c mpaux.c] | |
3744 | [mpaux.h ssh-add.c ssh-agent.c ssh.h ssh.c sshd.c] | |
3745 | the keysize of rsa-parameter 'n' is passed implizit, | |
3746 | a few more checks and warnings about 'pretended' keysizes. | |
3747 | - [cipher.c cipher.h packet.c packet.h sshd.c] | |
3748 | remove support for cipher RC4 | |
3749 | - [ssh.c] | |
3750 | a note for legay systems about secuity issues with permanently_set_uid(), | |
3751 | the private hostkey and ptrace() | |
3752 | - [sshconnect.c] | |
3753 | more detailed messages about adding and checking hostkeys | |
3754 | ||
dad9a31e | 3755 | 19991115 |
3756 | - Merged OpenBSD CVS changes: | |
bcbf86ec | 3757 | - [ssh-add.c] change passphrase loop logic and remove ref to |
dad9a31e | 3758 | $DISPLAY, ok niels |
3759 | - Changed to ssh-add.c broke askpass support. Revised it to be a little more | |
bcbf86ec | 3760 | modular. |
dad9a31e | 3761 | - Revised autoconf support for enabling/disabling askpass support. |
e7c0f9d5 | 3762 | - Merged more OpenBSD CVS changes: |
704b1659 | 3763 | [auth-krb4.c] |
3764 | - disconnect if getpeername() fails | |
3765 | - missing xfree(*client) | |
3766 | [canohost.c] | |
3767 | - disconnect if getpeername() fails | |
3768 | - fix comment: we _do_ disconnect if ip-options are set | |
3769 | [sshd.c] | |
3770 | - disconnect if getpeername() fails | |
3771 | - move checking of remote port to central place | |
3772 | [auth-rhosts.c] move checking of remote port to central place | |
3773 | [log-server.c] avoid extra fd per sshd, from millert@ | |
3774 | [readconf.c] print _all_ bad config-options in ssh(1), too | |
3775 | [readconf.h] print _all_ bad config-options in ssh(1), too | |
3776 | [ssh.c] print _all_ bad config-options in ssh(1), too | |
3777 | [sshconnect.c] disconnect if getpeername() fails | |
e7c0f9d5 | 3778 | - OpenBSD's changes to sshd.c broke the PAM stuff, re-merged it. |
c75a1a66 | 3779 | - Various small cleanups to bring diff (against OpenBSD) size down. |
f601d847 | 3780 | - Merged more Solaris compability from Marc G. Fournier |
3781 | <marc.fournier@acadiau.ca> | |
3782 | - Wrote autoconf tests for __progname symbol | |
986a22ec | 3783 | - RPM spec file fixes from Jim Knoble <jmknoble@jmknoble.cx> |
0c372277 | 3784 | - Released 1.2pre12 |
3785 | ||
3786 | - Another OpenBSD CVS update: | |
3787 | - [ssh-keygen.1] fix .Xr | |
dad9a31e | 3788 | |
92da7197 | 3789 | 19991114 |
3790 | - Solaris compilation fixes (still imcomplete) | |
3791 | ||
94f7bb9e | 3792 | 19991113 |
dd092f97 | 3793 | - Build patch from Niels Kristian Bech Jensen <nkbj@image.dk> |
3794 | - Don't install config files if they already exist | |
3795 | - Fix inclusion of additional preprocessor directives from acconfig.h | |
94f7bb9e | 3796 | - Removed redundant inclusions of config.h |
e9c75a39 | 3797 | - Added 'Obsoletes' lines to RPM spec file |
94f7bb9e | 3798 | - Merged OpenBSD CVS changes: |
3799 | - [bufaux.c] save a view malloc/memcpy/memset/free's, ok niels | |
bcbf86ec | 3800 | - [scp.c] fix overflow reported by damien@ibs.com.au: off_t |
94f7bb9e | 3801 | totalsize, ok niels,aaron |
bcbf86ec | 3802 | - Delay fork (-f option) in ssh until after port forwarded connections |
94f7bb9e | 3803 | have been initialised. Patch from Jani Hakala <jahakala@cc.jyu.fi> |
b2344d54 | 3804 | - Added shadow password patch from Thomas Neumann <tom@smart.ruhr.de> |
3805 | - Added ifdefs to auth-passwd.c to exclude it when PAM is enabled | |
dd092f97 | 3806 | - Tidied default config file some more |
3807 | - Revised Redhat initscript to fix bug: sshd (re)start would fail | |
3808 | if executed from inside a ssh login. | |
94f7bb9e | 3809 | |
e35c1dc2 | 3810 | 19991112 |
3811 | - Merged changes from OpenBSD CVS | |
3812 | - [sshd.c] session_key_int may be zero | |
b4748e2f | 3813 | - [auth-rh-rsa.c servconf.c servconf.h ssh.h sshd.8 sshd.c sshd_config] |
bcbf86ec | 3814 | IgnoreUserKnownHosts(default=no), used for RhostRSAAuth, ok |
b4748e2f | 3815 | deraadt,millert |
3816 | - Brought default sshd_config more in line with OpenBSD's | |
547c9f30 | 3817 | - Grab server in gnome-ssh-askpass (Debian bug #49872) |
3818 | - Released 1.2pre10 | |
e35c1dc2 | 3819 | |
8bc7973f | 3820 | - Added INSTALL documentation |
6fa724bc | 3821 | - Merged yet more changes from OpenBSD CVS |
3822 | - [auth-rh-rsa.c auth-rhosts.c auth-rsa.c channels.c clientloop.c] | |
3823 | [ssh.c ssh.h sshconnect.c sshd.c] | |
3824 | make all access to options via 'extern Options options' | |
3825 | and 'extern ServerOptions options' respectively; | |
3826 | options are no longer passed as arguments: | |
3827 | * make options handling more consistent | |
3828 | * remove #include "readconf.h" from ssh.h | |
3829 | * readconf.h is only included if necessary | |
3830 | - [mpaux.c] clear temp buffer | |
3831 | - [servconf.c] print _all_ bad options found in configfile | |
045672f9 | 3832 | - Make ssh-askpass support optional through autoconf |
59b0f0d4 | 3833 | - Fix nasty division-by-zero error in scp.c |
3834 | - Released 1.2pre11 | |
8bc7973f | 3835 | |
4cca272e | 3836 | 19991111 |
3837 | - Added (untested) Entropy Gathering Daemon (EGD) support | |
67d68e3a | 3838 | - Fixed /dev/urandom fd leak (Debian bug #49722) |
5bbb5681 | 3839 | - Merged OpenBSD CVS changes: |
3840 | - [auth-rh-rsa.c] user/958: check ~/.ssh/known_hosts for rhosts-rsa, too | |
3841 | - [ssh.1] user/958: check ~/.ssh/known_hosts for rhosts-rsa, too | |
3842 | - [sshd.8] user/958: check ~/.ssh/known_hosts for rhosts-rsa, too | |
bcbf86ec | 3843 | - Fix integer overflow which was messing up scp's progress bar for large |
3f1d9bcd | 3844 | file transfers. Fix submitted to OpenBSD developers. Report and fix |
3845 | from Kees Cook <cook@cpoint.net> | |
6a17f9c2 | 3846 | - Merged more OpenBSD CVS changes: |
bcbf86ec | 3847 | - [auth-krb4.c auth-passwd.c] remove x11- and krb-cleanup from fatal() |
6a17f9c2 | 3848 | + krb-cleanup cleanup |
3849 | - [clientloop.c log-client.c log-server.c ] | |
3850 | [readconf.c readconf.h servconf.c servconf.h ] | |
3851 | [ssh.1 ssh.c ssh.h sshd.8] | |
3852 | add LogLevel {QUIET, FATAL, ERROR, INFO, CHAT, DEBUG} to ssh/sshd, | |
3853 | obsoletes QuietMode and FascistLogging in sshd. | |
e35c1dc2 | 3854 | - [sshd.c] fix fatal/assert() bug reported by damien@ibs.com.au: |
3855 | allow session_key_int != sizeof(session_key) | |
3856 | [this should fix the pre-assert-removal-core-files] | |
3857 | - Updated default config file to use new LogLevel option and to improve | |
3858 | readability | |
3859 | ||
f370266e | 3860 | 19991110 |
67d68e3a | 3861 | - Merged several minor fixes: |
f370266e | 3862 | - ssh-agent commandline parsing |
3863 | - RPM spec file now installs ssh setuid root | |
3864 | - Makefile creates libdir | |
4cca272e | 3865 | - Merged beginnings of Solaris compability from Marc G. Fournier |
3866 | <marc.fournier@acadiau.ca> | |
f370266e | 3867 | |
d4f11b59 | 3868 | 19991109 |
3869 | - Autodetection of SSL/Crypto library location via autoconf | |
3870 | - Fixed location of ssh-askpass to follow autoconf | |
3871 | - Integrated Makefile patch from Niels Kristian Bech Jensen <nkbj@image.dk> | |
3872 | - Autodetection of RSAref library for US users | |
3873 | - Minor doc updates | |
560557bb | 3874 | - Merged OpenBSD CVS changes: |
3875 | - [rsa.c] bugfix: use correct size for memset() | |
3876 | - [sshconnect.c] warn if announced size of modulus 'n' != real size | |
f025becb | 3877 | - Added GNOME passphrase requestor (use --with-gnome-askpass) |
d397b172 | 3878 | - RPM build now creates subpackages |
aa51e7cc | 3879 | - Released 1.2pre9 |
d4f11b59 | 3880 | |
e1a9c08d | 3881 | 19991108 |
3882 | - Removed debian/ directory. This is now being maintained separately. | |
3883 | - Added symlinks for slogin in RPM spec file | |
3884 | - Fixed permissions on manpages in RPM spec file | |
3885 | - Added references to required libraries in README file | |
3886 | - Removed config.h.in from CVS | |
3887 | - Removed pwdb support (better pluggable auth is provided by glibc) | |
3888 | - Made PAM and requisite libdl optional | |
3889 | - Removed lots of unnecessary checks from autoconf | |
3890 | - Added support and autoconf test for openpty() function (Unix98 pty support) | |
3891 | - Fix for scp not finding ssh if not installed as /usr/bin/ssh | |
3892 | - Added TODO file | |
3893 | - Merged parts of Debian patch From Phil Hands <phil@hands.com>: | |
3894 | - Added ssh-askpass program | |
3895 | - Added ssh-askpass support to ssh-add.c | |
3896 | - Create symlinks for slogin on install | |
3897 | - Fix "distclean" target in makefile | |
3898 | - Added example for ssh-agent to manpage | |
3899 | - Added support for PAM_TEXT_INFO messages | |
3900 | - Disable internal /etc/nologin support if PAM enabled | |
3901 | - Merged latest OpenBSD CVS changes: | |
5bae4ab8 | 3902 | - [all] replace assert() with error, fatal or packet_disconnect |
e1a9c08d | 3903 | - [sshd.c] don't send fail-msg but disconnect if too many authentication |
3904 | failures | |
e1a9c08d | 3905 | - [sshd.c] remove unused argument. ok dugsong |
3906 | - [sshd.c] typo | |
3907 | - [rsa.c] clear buffers used for encryption. ok: niels | |
3908 | - [rsa.c] replace assert() with error, fatal or packet_disconnect | |
ade6fccd | 3909 | - [auth-krb4.c] remove unused argument. ok dugsong |
e1a9c08d | 3910 | - Fixed coredump after merge of OpenBSD rsa.c patch |
9010d60a | 3911 | - Released 1.2pre8 |
e1a9c08d | 3912 | |
3028328e | 3913 | 19991102 |
3914 | - Merged change from OpenBSD CVS | |
3915 | - One-line cleanup in sshd.c | |
3916 | ||
474832c5 | 3917 | 19991030 |
3918 | - Integrated debian package support from Dan Brosemer <odin@linuxfreak.com> | |
69256d9d | 3919 | - Merged latest updates for OpenBSD CVS: |
3920 | - channels.[ch] - remove broken x11 fix and document istate/ostate | |
3921 | - ssh-agent.c - call setsid() regardless of argv[] | |
3922 | - ssh.c - save a few lines when disabling rhosts-{rsa-}auth | |
3923 | - Documentation cleanups | |
3924 | - Renamed README -> README.Ylonen | |
3925 | - Renamed README.openssh ->README | |
474832c5 | 3926 | |
339660f6 | 3927 | 19991029 |
3928 | - Renamed openssh* back to ssh* at request of Theo de Raadt | |
3929 | - Incorporated latest changes from OpenBSD's CVS | |
3930 | - Integrated Makefile patch from Niels Kristian Bech Jensen <nkbj@image.dk> | |
3931 | - Integrated PAM env patch from Nalin Dahyabhai <nalin.dahyabhai@pobox.com> | |
549b3eed | 3932 | - Make distclean now removed configure script |
3933 | - Improved PAM logging | |
3934 | - Added some debug() calls for PAM | |
4ecd19ea | 3935 | - Removed redundant subdirectories |
bcbf86ec | 3936 | - Integrated part of a patch from Dan Brosemer <odin@linuxfreak.com> for |
4ecd19ea | 3937 | building on Debian. |
242588e6 | 3938 | - Fixed off-by-one error in PAM env patch |
3939 | - Released 1.2pre6 | |
339660f6 | 3940 | |
5881cd60 | 3941 | 19991028 |
3942 | - Further PAM enhancements. | |
3943 | - Much cleaner | |
3944 | - Now uses account and session modules for all logins. | |
3945 | - Integrated patch from Dan Brosemer <odin@linuxfreak.com> | |
3946 | - Build fixes | |
3947 | - Autoconf | |
3948 | - Change binary names to open* | |
3949 | - Fixed autoconf script to detect PAM on RH6.1 | |
3950 | - Added tests for libpwdb, and OpenBSD functions to autoconf | |
221395b3 | 3951 | - Released 1.2pre4 |
fca82d2e | 3952 | |
3953 | - Imported latest OpenBSD CVS code | |
3954 | - Updated README.openssh | |
93f04616 | 3955 | - Released 1.2pre5 |
fca82d2e | 3956 | |
5881cd60 | 3957 | 19991027 |
3958 | - Adapted PAM patch. | |
3959 | - Released 1.0pre2 | |
3960 | ||
3961 | - Excised my buggy replacements for strlcpy and mkdtemp | |
3962 | - Imported correct OpenBSD strlcpy and mkdtemp routines. | |
3963 | - Reduced arc4random_stir entropy read to 32 bytes (256 bits) | |
3964 | - Picked up correct version number from OpenBSD | |
3965 | - Added sshd.pam PAM configuration file | |
3966 | - Added sshd.init Redhat init script | |
3967 | - Added openssh.spec RPM spec file | |
3968 | - Released 1.2pre3 | |
3969 | ||
3970 | 19991026 | |
3971 | - Fixed include paths of OpenSSL functions | |
3972 | - Use OpenSSL MD5 routines | |
3973 | - Imported RC4 code from nanocrypt | |
3974 | - Wrote replacements for OpenBSD arc4random* functions | |
3975 | - Wrote replacements for strlcpy and mkdtemp | |
3976 | - Released 1.0pre1 | |
0b202697 | 3977 | |
3978 | $Id$ |